1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-26 10:59:58 +01:00

898 Commits

Author SHA1 Message Date
Werner Koch
b27161cd0c Require Libgcrypt 1.6
* agent/pksign.c (do_encode_dsa): Remove Libgcrypt version check
--

Now that we have decided on a release plan for Libgcrypt 1.6 and given
all the improvements it makes more sense to make use of these
improvements than to clutter the GnuPG code with workarounds for older
Libgcrypt versions.
2013-11-15 09:01:11 +01:00
Werner Koch
6466db10fb Switch to deterministic DSA.
* agent/pksign.c (rfc6979_hash_algo_string): New.
(do_encode_dsa) [Libgcrypt >= 1.6]: Make use of RFC-6979.
--

Now that we have a good (and not NSA/NIST demanded ;-) specification
on how to use DSA without a random nonce, we take advantage of it and
thus avoid pitfalls related to a misbehaving RNG during signature
creation.

Note that OpenPGP has the option of using a longer hash algorithm but
truncated to what is suitable for the used DSA key size.  The hash
used as input to RFC-6979 will also be one with an appropriate digest
length but not a truncated one.  This is allowed by RFC-6979.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-09-08 11:25:58 +02:00
Werner Koch
fdbf76eee6 Fix commit 04e2c83f.
* agent/command-ssh.c (stream_read_string): Do not assign to a NULL
ptr.
2013-08-28 17:58:43 +02:00
Werner Koch
780ba32336 gpg: Make decryption with the OpenPGP card work.
* scd/app-common.h (APP_DECIPHER_INFO_NOPAD): New.
* scd/app-openpgp.c (do_decipher): Add arg R_INFO.
* scd/app-nks.c (do_decipher): Add arg R_INFO as a dummy.
* scd/app.c (app_decipher): Add arg R_INFO.
* scd/command.c (cmd_pkdecrypt): Print status line "PADDING".
* agent/call-scd.c (padding_info_cb): New.
(agent_card_pkdecrypt): Add arg R_PADDING.
* agent/divert-scd.c (divert_pkdecrypt): Ditto.
* agent/pkdecrypt.c (agent_pkdecrypt): Ditto.
* agent/command.c (cmd_pkdecrypt):  Print status line "PADDING".
* g10/call-agent.c (padding_info_cb): New.
(agent_pkdecrypt): Add arg R_PADDING.
* g10/pubkey-enc.c (get_it): Use padding info.
--

Decryption using a card never worked in gpg 2.1 because the
information whether the pkcs#1 padding needs to be removed was not
available.  Gpg < 2.1 too this info from the secret sub key but that
has gone in 2.1.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-28 17:40:32 +02:00
Werner Koch
04e2c83f18 agent: Fix two compiler warnings.
* agent/command.c (cmd_preset_passphrase, pinentry_loopback): Use %zu
in format string.
* scd/ccid-driver.c (ccid_get_atr): Ditto.
* agent/command-ssh.c (stream_read_string): Init arg STRING_SIZE to
avoid maybe_unitialized warning.
--

Actually the first one might have been a problem on big endian
machines.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-28 13:04:31 +02:00
Werner Koch
50c98c7ed6 agent: Extend cmd KEYINFO to return data from sshcontrol.
* agent/command-ssh.c (struct control_file_s): Rename to
ssh_control_file_s.
(ssh_open_control_file, ssh_close_control_file)
(ssh_read_control_file, ssh_search_control_file): New.
(control_file_t):  Rename and move to ...
* agent/agent.h (ssh_control_file_t): here.
* agent/command.c (do_one_keyinfo): Add args is_ssh, ttl, disabled,
and confirm. Rename unknown keytype indicator from '-' to 'X'.  Extend
output.
(cmd_keyinfo): Add options --ssh-list and --with-ssh.
--

This extension allows the development of frontends to manage the
sshcontrol file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-08 21:22:38 +02:00
Werner Koch
ef6a6d973c agent: Include missing prototype.
* agent/protect.c: Include cvt-openpgp.h.
2013-08-01 11:32:05 +02:00
Werner Koch
82c25e67a1 Modernize two format string file name quotes.
--
2013-06-27 09:28:43 +02:00
Werner Koch
136f190a2f Fix Makefile regression.
* agent/Makefile.am (gpg_agent_DEPENDENCIES): Remove cruft from wrong
resolve conflict 2013-04-25.
(gpg_agent_DEPENDENCIES): Remove obsolete gpg_agent_res_deps
(gpg_agent_LDFLAGS): Remove obsolete gpg_agent_res_ldflags.
--

This fixes 88e24341e57c96e31a25e92e09d67989e64cc1c1.  Thanks to
Christian Aistleitner for pinpointing this bug.  Am sorry for accusing
automake to have introduced this bug; I should have washed my own eyes.

GnuPG-bug-id: 1511
2013-06-26 23:23:18 +02:00
Werner Koch
7777e68d04 Implement unattended OpenPGP secret key import.
* agent/command.c (cmd_import_key): Add option --unattended.
* agent/cvt-openpgp.c (convert_transfer_key): New.
(do_unprotect): Factor some code out to ...
(prepare_unprotect): new function.
(convert_from_openpgp): Factor all code out to ...
(convert_from_openpgp_main): this.  Add arg 'passphrase'.  Implement
openpgp-native protection modes.
(convert_from_openpgp_native): New.
* agent/t-protect.c (convert_from_openpgp_native): New dummy fucntion
* agent/protect-tool.c (convert_from_openpgp_native): Ditto.
* agent/protect.c (agent_unprotect): Add arg CTRL.  Adjust all
callers.  Support openpgp-native protection.
* g10/call-agent.c (agent_import_key): Add arg 'unattended'.
* g10/import.c (transfer_secret_keys): Use unattended in batch mode.
--

With the gpg-agent taking care of the secret keys, the user needs to
migrate existing keys from secring.gpg to the agent.  This and also
the standard import of secret keys required the user to unprotect the
secret keys first, so that gpg-agent was able to re-protected them
using its own scheme.  With many secret keys this is quite some
usability hurdle.  In particular if a passphrase is not instantly
available.

To make this migration smoother, this patch implements an unattended
key import/migration which delays the conversion to the gpg-agent
format until the key is actually used.  For example:

   gpg2 --batch --import mysecretkey.gpg

works without any user interaction due to the use of --batch.  Now if
a key is used (e.g. "gpg2 -su USERID_FROM_MYSECRETKEY foo"), gpg-agent
has to ask for the passphrase anyway, converts the key from the
openpgp format to the internal format, signs, re-encrypts the key and
tries to store it in the gpg-agent format to the disk.  The next time,
the internal format of the key is used.

This patch has only been tested with the old demo keys, more tests
with other protection formats and no protection are needed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 10:14:57 +02:00
Werner Koch
0f0e0559f9 agent: Fix length detection of canonical formatted openpgp keys.
* agent/command.c (cmd_import_key): Pass 0 instead of KEYLEN to
gcry_sexp_canon_len.
--

We used to pass KEYLEN to the gcry_sexp_canon_len for no good reason:
convert_from_openpgp is guaranteed to return a valid canonical
S-expression and KEYLEN would thus act only as an upper limit.  This
is not a problem because usually the original input key is longer than
the returned unprotected key.  A future patch may change this
assertion and thus we better fix this bug now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 09:56:30 +02:00
Werner Koch
f2d8a14e1b agent: New option --disable-check-own-socket.
* agent/gpg-agent.c (oDisableCheckOwnSocket): New.
(disable_check_own_socket): New.
(parse_rereadable_options): Set new option.
(check_own_socket): Implement new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 09:56:05 +02:00
Werner Koch
88e24341e5 w32: Add icons and version information.
* common/gnupg.ico: New.  Take from artwork/gnupg-favicon-1.ico.
* agent/gpg-agent-w32info.rc: New.
* g10/gpg-w32info.rc: New.
* scd/scdaemon-w32info.rc: New.
* sm/gpgsm-w32info.rc: New.
* tools/gpg-connect-agent-w32info.rc: New.
* common/w32info-rc.h.in: New.
* configure.ac (BUILD_REVISION, BUILD_FILEVERSION, BUILD_TIMESTAMP)
(BUILD_HOSTNAME): New.
(AC_CONFIG_FILES): Add w32info-rc.h.
* am/cmacros.am (.rc.o): New rule.
* agent/Makefile.am, common/Makefile.am, g10/Makefile.am
* scd/Makefile.am, sm/Makefile.am, tools/Makefile.am: Add stuff to
build resource files.
--

Signed-off-by: Werner Koch <wk@gnupg.org>

(cherry picked from commit 049b3d9ca0285d15c00c215ac9b533c994196ca4)

Solved conflicts in:

	agent/Makefile.am
	common/Makefile.am
	g10/Makefile.am
	scd/Makefile.am
	sm/Makefile.am
	tools/Makefile.am
2013-05-07 21:35:48 +02:00
NIIBE Yutaka
ef1983d58b agent: pksign result conversion to sexp to upper layer.
* agent/agent.h (divert_pksign): Add R_SIGLEN argument.
* agent/divert-scd.c (divert_pksign): Return length at R_SIGLEN.
* agent/call-scd.c (agent_card_pksign): Move composition of
S-expression to...
* agent/pksign.c (agent_pksign_do): ... here.
--

Composing S-expression would be better to be done by SCDaemon.
2013-02-28 11:17:47 +09:00
Werner Koch
585d5c62ee Use has_leading_keyword in the assuan callbacks.
* agent/call-pinentry.c (inq_quality): Use has_leading_keyword.
* agent/call-scd.c (inq_needpin, inq_writekey_parms): Ditto.
* g10/call-agent.c (inq_writecert_parms, keyinfo_status_cb): Ditto.
(inq_genkey_parms, inq_ciphertext_cb, inq_import_key_parms): Ditto.
* g10/call-dirmngr.c (ks_put_inq_cb): Ditto.
* sm/call-agent.c (default_inq_cb, inq_ciphertext_cb): Ditto.
(inq_genkey_parms, istrusted_status_cb, learn_status_cb): Ditto.
(keyinfo_status_cb, inq_import_key_parms): Ditto.
* sm/call-dirmngr.c (inq_certificate, isvalid_status_cb): Ditto.
(lookup_status_cb, run_command_inq_cb, run_command_status_cb): Ditto.
2013-02-22 10:56:13 +01:00
Werner Koch
c6b8f05517 Remove some unused variables.
* tools/gpgconf-comp.c (gc_process_gpgconf_conf): Remove unused
used_components.
* agent/command-ssh.c (ssh_signature_encoder_ecdsa): Mark unused arg.
* g13/g13.c (main): Comment variable of yet unimplemented options.
2013-02-22 09:42:46 +01:00
NIIBE Yutaka
3c3648e720 agent: fix two bugs.
* agent/command.c (cmd_keytocard): Decrement KEYDATALEN.
* agent/findkey.c (agent_public_key_from_file): Increment for ELEMS.

--
For ECDSA and ECDH, there are 6 elements.
2013-02-22 12:55:11 +09:00
NIIBE Yutaka
30f8a3c873 agent: Add KEYTOCARD command.
* agent/agent.h (divert_writekey, agent_card_writekey): New.
* agent/call-scd.c (inq_writekey_parms, agent_card_writekey): New.
* agent/command.c (cmd_keytocard, hlp_keytocard): New.
(register_commands): Add cmd_keytocard.
* agent/divert-scd.c (divert_writekey): New.
2013-02-12 14:19:12 +09:00
NIIBE Yutaka
7253093add scd: Rename 'keypad' to 'pinpad'.
* NEWS: Mention scd changes.

* agent/divert-scd.c (getpin_cb): Change message.

* agent/call-scd.c (inq_needpin): Change the protocol to
POPUPPINPADPROMPT and DISMISSPINPADPROMPT.
* scd/command.c (pin_cb): Likewise.

* scd/apdu.c (struct reader_table_s): Rename member functions.
(check_pcsc_pinpad, pcsc_pinpad_verify, pcsc_pinpad_modify,
check_ccid_pinpad, ccid_pinpad_operation, apdu_check_pinpad
apdu_pinpad_verify, apdu_pinpad_modify): Rename.

* scd/apdu.h (SW_HOST_NO_PINPAD, apdu_check_pinpad)
(apdu_pinpad_verify, apdu_pinpad_modify): Rename.

* scd/iso7816.h (iso7816_check_pinpad): Rename.

* scd/iso7816.c (map_sw): Use SW_HOST_NO_PINPAD.
(iso7816_check_pinpad): Rename.
(iso7816_verify_kp, iso7816_change_reference_data_kp): Follow
the change.

* scd/ccid-driver.h (CCID_DRIVER_ERR_NO_PINPAD): Rename.
* scd/ccid-driver.c (ccid_transceive_secure): Use it.

* scd/app-dinsig.c (verify_pin): Follow the change.
* scd/app-nks.c (verify_pin): Follow the change.

* scd/app-openpgp.c (check_pinpad_request): Rename.
(parse_login_data, verify_a_chv, verify_chv3, do_change_pin): Follow
the change.

* scd/scdaemon.c (oDisablePinpad, oEnablePinpadVarlen): Rename.

* scd/scdaemon.h (opt): Rename to disable_pinpad,
enable_pinpad_varlen.

* tools/gpgconf-comp.c (gc_options_scdaemon): Rename to
disable-pinpad.
2013-02-08 09:06:39 +09:00
Werner Koch
8b2b8dfe5c agent: Move a typedef to common and provide parse_pinentry_mode.
* common/agent-opt.c: New.
* common/shareddefs.h: New.
* common/Makefile.am: Add new files.
* agent/agent.h: Include shareddefs.h.
(pinentry_mode_t): Factor out to shareddefs.h.
* agent/command.c (option_handler): Use parse_pinentry_mode.
2013-02-06 12:56:19 +01:00
Werner Koch
4483a4f0ea agent: Return a better error code if no passphrase was given.
* agent/protect.c (hash_passphrase): Handle an empty passphrase.
--

This is mostly useful in loopback pinentry-mode.
2013-02-06 12:56:19 +01:00
NIIBE Yutaka
1999446644 agent: Fix a bug of handling return code from npth_join.
* agent/call-pinentry.c (agent_popup_message_stop): Fix npth_join
return code.
--
pth_join returns TRUE (1) on success.  But npth_join (and pthread_join)
returns 0 on success, returns error number on error.
2013-01-25 23:20:46 +09:00
Werner Koch
649b31c663 ssh: Support ECDSA keys.
* agent/command-ssh.c (SPEC_FLAG_IS_ECDSA): New.
(struct ssh_key_type_spec): Add fields CURVE_NAME and HASH_ALGO.
(ssh_key_types): Add types ecdsa-sha2-nistp{256,384,521}.
(ssh_signature_encoder_t): Add arg spec and adjust all callers.
(ssh_signature_encoder_ecdsa): New.
(sexp_key_construct, sexp_key_extract, ssh_receive_key)
(ssh_convert_key_to_blob): Support ecdsa.
(ssh_identifier_from_curve_name): New.
(ssh_send_key_public): Retrieve and pass the curve_name.
(key_secret_to_public): Ditto.
(data_sign): Add arg SPEC and change callers to pass it.
(ssh_handler_sign_request): Get the hash algo from SPEC.
* common/ssh-utils.c (get_fingerprint): Support ecdsa.

* agent/protect.c (protect_info): Add flag ECC_HACK.
(agent_protect): Allow the use of the "curve" parameter.
* agent/t-protect.c (test_agent_protect): Add a test case for ecdsa.

* agent/command-ssh.c (ssh_key_grip): Print a better error code.
--

The 3 standard curves are now supported in gpg-agent's ssh-agent
protocol implementation.  I tested this with all 3 curves and keys
generated by OpenSSH 5.9p1.

Using existing non-ssh generated keys will likely fail for now. To fix
this, the code should first undergo some more cleanup; then the fixes
are pretty straightforward.  And yes, the data structures are way too
complicated.
2012-12-12 18:47:21 +01:00
Werner Koch
f76a0312c3 ssh: Rewrite a function for better maintainability
* agent/command-ssh.c (ssh_signature_encoder_dsa): Rewrite.
--

Using es_fopenmem instead of a preallocated buffer is safer and easier
to read.
2012-12-11 14:50:34 +01:00
Werner Koch
d2777f84be ssh: Improve key lookup for many keys.
* agent/command-ssh.c: Remove dirent.h.
(control_file_s): Add struct item.
(rewind_control_file): New.
(search_control_file): Factor code out to ...
(read_control_file_item): New.
(ssh_handler_request_identities): Change to iterate over entries in
sshcontrol.
--

Formerly we scanned the private key directory for matches of entries
in sshcontrol.  This patch changes it to scan the sshcontrol file and
thus considers only keys configured there.  The rationale for this is
that it is common to have only a few ssh keys but many private keys.
Even if that assumption does not hold true, the scanning of the
sshcontrol file is faster than reading the directory and only then
scanning the ssh control for each directory entry.
2012-12-10 18:27:23 +01:00
Werner Koch
25fb53ab4a ssh: Cleanup sshcontrol file access code.
* agent/command-ssh.c (SSH_CONTROL_FILE_NAME): New macro to replace
the direct use of the string.
(struct control_file_s, control_file_t): New.
(open_control_file, close_control_file): New.  Use them instead of
using fopen/fclose directly.
2012-12-10 16:39:12 +01:00
Werner Koch
36ba784599 agent: Add envvar "gnupg_SSH_AUTH_SOCK_by"
* agent/gpg-agent.c (main): Pass new envar gnupg_SSH_AUTH_SOCK_by to
an invoked process.
--

This environment variable is useful for debugging if
--use-standard-socket is used (which is the default since 2.1).
Commonly you should have this in your init script (e.g. ~/.bashrc):

    unset GPG_AGENT_INFO
    unset SSH_AGENT_PID
    SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"
    export SSH_AUTH_SOCK

The problem is that gpg-agent won't be able to override the
SSH_AUTH_SOCK envvar if gpg-agent has been invoked as

  gpg-agent --enable-ssh-support --daemon /bin/bash

To fix this you should instead use this code in the init script:

  unset GPG_AGENT_INFO
  unset SSH_AGENT_PID
  if [ ${gnupg_SSH_AUTH_SOCK_by:-0} -ne $$ ]; then
    export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"
  fi

This will work in all cases and thus allows to start gpg-agent for
testing purposes with a different homedir and use this gpg-agent as an
ssh-agent.  Example:

  GNUPGHOME=$(pwd) gpg-agent --enable-ssh-support --daemon /bin/bash

gnupg_SSH_AUTH_SOCK_by is set to the PID of the exec-ed process and
thus will work safely if called recursively.
2012-12-10 14:45:26 +01:00
Werner Koch
835698b72b Do not use a broken ttyname.
* configure.ac (HAVE_BROKEN_TTYNAME): New ac_define set for Android
systems.
* common/util.h (gnupg_ttyname): New macro.  Change all callers of
ttyname to use this macro instead.
(ttyname) [W32]: Rename to _gnupg_ttyname and use also if
HAVE_BROKEN_TTYNAME is defined.
* common/simple-pwquery.c (agent_send_all_options): Keep on using
ttyname unless HAVE_BROKEN_TTYNAME is set.  This is because this file
may be used standalone.
2012-11-20 19:03:49 +01:00
Werner Koch
9f0e9ea80c agent: Use wipememory instead of memset in one place.
* agent/command.c (clear_outbuf): Use wipememory.  Suggested by Ben
Kibbey.
2012-11-06 18:51:47 +01:00
Werner Koch
905b6a36d3 Allow decryption with card keys > 3072 bits
* scd/command.c (MAXLEN_SETDATA): New.
(cmd_setdata): Add option --append.
* agent/call-scd.c (agent_card_pkdecrypt): Use new option for long
data.

* scd/app-openpgp.c (struct app_local_s): Add field manufacturer.
(app_select_openpgp): Store manufacturer.
(do_decipher): Print a note for broken cards.

--

Please note that I was not able to run a full test because I only have
broken cards (S/N < 346) available.
2012-11-06 14:48:06 +01:00
NIIBE Yutaka
8f8c29d24c agent: Fix wrong use of gcry_sexp_build_array
* findkey.c (agent_public_key_from_file): Fix use of
gcry_sexp_build_array.

--
A test case leading to a segv in Libgcrypt is

  gpg-connect-agent \
    "READKEY 9277C5875C8AFFCB727661C18BE4E0A0DEED9260" /bye

The keygrip was created by "monkeysphere s", which has a comment.

gcry_sexp_build_array expects pointers to the arguments which is quite
surprising.  Probably ARG_NEXT was accidentally implemented wrongly.
Anyway, we can't do anything about it and thus need to fix the check
the users of this function.

Some-comments-by: Werner Koch <wk@gnupg.org>
2012-11-02 16:22:26 +01:00
David Prévot
ba591e2f14 Fix typos spotted during translations
* agent/genkey.c: s/to to/to/
* sm/*.c: s/failed to allocated/failed to allocate/
* sm/certlist.c, ./dirmngr/validate.c: s/should have not/should not have/
* g10/seskey.c: missing closing parenthesis
* dirmngr/crlcache.c: s/may has/may have/

Consistency fix:

* g10/gpg.c, kbx/kbxutil.c, sm/gpgsm.c: uppercase after Syntax
* dirmngr/dirmngr_ldap: no period in Syntax
* dirmngr/dirmngr-client.c: infinitive for option description:
	s/certificates are expected/expect certificates/
2012-08-24 09:44:33 +02:00
David Prévot
94e663885b Actually show translators comments in PO files
--
2012-08-24 09:42:31 +02:00
Werner Koch
096e7457ec Change all quotes in strings and comments to the new GNU standard.
The asymmetric quotes used by GNU in the past (`...') don't render
nicely on modern systems.  We now use two \x27 characters ('...').

The proper solution would be to use the correct Unicode symmetric
quotes here.  However this has the disadvantage that the system
requires Unicode support.  We don't want that today.  If Unicode is
available a generated po file can be used to output proper quotes.  A
simple sed script like the one used for en@quote is sufficient to
change them.

The changes have been done by applying

  sed -i "s/\`\([^'\`]*\)'/'\1'/g"

to most files and fixing obvious problems by hand.  The msgid strings in
the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
Werner Koch
0f02fba19d agent: Fix deadlock in trustlist due to the switch to npth.
* agent/trustlist.c (clear_trusttable): New.
(agent_reload_trustlist): Use new function.
(read_trustfiles): Require to be called with lock held.
(agent_istrusted): Factor all code out to ...
(istrusted_internal): new.  Add ALREADY_LOCKED arg.  Make sure the
table islocked.  Do not print TRUSTLISTFLAG stati if called internally.
(agent_marktrusted): Replace calls to agent_reload_trustlist by
explicit code.
--

In contrast to pth, npth does not use recursive mutexes by default.
However, the code in trustlist.c assumed recursive locks and thus we
had to rework it.
2012-04-30 14:37:36 +02:00
Werner Koch
de01c51ecb Print warning for arguments not considered an option.
GnuPG requires that options are given before other arguments.  This
can sometimes be confusing.  We now print a warning if we found an
argument looking alike a long option without being preceded by the
stop option.  This is bug#1343.

* common/argparse.h (ARGPARSE_FLAG_STOP_SEEN): New.
* common/argparse.c (arg_parse): Set new flag.
* g10/gpg.c (main): Print the warning.
* agent/gpg-agent.c (main): Ditto.
* dirmngr/dirmngr.c (main): Ditto.
* g13/g13.c (main): Ditto.
* scd/scdaemon.c (main): Ditto.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (main): Ditto.
* tools/gpgconf.c (main): Ditto.
2012-03-27 12:38:49 +02:00
Werner Koch
b817ae7df9 agent: Add pin length field to the shadowed private key format.
This is not yet fully implemented.  It will eventually allow to
support pinpad equipped readers which do not support variable length
pin lengths.
* agent/protect.c (parse_shadow_info): Add optional arg R_PINLEN and
parse pinlen info.  Change all callers to pass NULL for it.
2012-02-07 14:17:33 +01:00
Werner Koch
12ea5c904c Use new status printing functions.
* agent/command.c (cmd_geteventcounter): Get rid of static buffers.
* scd/command.c (cmd_serialno, cmd_learn): Simplify by using
print_assuan_status.
2012-02-07 13:52:31 +01:00
Werner Koch
e78585cd0f agent: New function agent_print_status.
* common/asshelp2.c (vprint_assuan_status): New.
(print_assuan_status): Re-implement using above func.
* agent/command.c (agent_print_status): New.
2012-02-07 12:46:32 +01:00
Werner Koch
7981cdd134 agent: Simplify printing of INQUIRE_MAXLEN.
* agent/command.c: Include asshelp.h.
(cmd_pkdecrypt, cmd_genkey, cmd_preset_passphrase)
(pinentry_loopback): Use print_assuan_status for INQUIRE_MAXLEN.
2012-02-06 21:04:22 +01:00
Werner Koch
eb0faef81d common: Add a global variable to for the default error source.
For the shared code parts it is cumbersome to pass an error sourse
variable to each function.  Its value is always a constant for a given
binary and thus a global variable makes things a lot easier than the
former macro stuff.
* common/init.c (default_errsource): New global var.
(init_common_subsystems): Rename to _init_common_subsystems.  Set
DEFAULT_ERRSOURCE.
* common/init.h: Assert value of GPG_ERR_SOURCE_DEFAULT.
(init_common_subsystems): New macro.
* common/util.h (default_errsource): Add declaration.
* kbx/keybox-defs.h: Add some GPG_ERR_SOURCE_DEFAULT trickery.
2012-02-06 20:50:47 +01:00
Ben Kibbey
ecda65498a Also let GENKEY and PKDECRYPT send the INQUIRE_MAXLEN status message.
* agent/command.c (cmd_pkdecrypt): Send the INQUIRE_MAXLEN status
message before doing the inquire.
(cmd_genkey): Ditto.
2012-02-03 17:50:22 -05:00
Ben Kibbey
3f7788f2e0 Inform the client of the preset passphrase length.
* agent/command.c (cmd_preset_passphrase): Send the INQUIRE_MAXLEN
status message before inquiring the passphrase.
2012-02-01 21:38:13 -05:00
Ben Kibbey
cf748e8736 Return GPG_ERR_CARD_NOT_PRESENT when pinentry-mode=loopback.
Since there isn't a way to prompt the user to insert the smartcard when
pinentry-mode=loopback, return GPG_ERR_CARD_NOT_PRESENT instead of
GPG_ERR_NO_PIN_ENTRY.

* agent/divert-scd.c (ask_for_card): Return GPG_ERR_CARD_NOT_PRESENT
when pinentry-mode=loopback.
2012-01-25 19:41:05 -05:00
Ben Kibbey
3da10eefcb Also check for GPG_ERR_ASS_CANCELED during an inquire.
Fix pinentry-mode=loopback when cancelling an inquire from scdaemon.
This is similar to commit 4f21f8d but for both protocol command
cancellation and pinentry cancellation.

* agent/call-scd.c (agent_card_pkdecrypt): Check for
GPG_ERR_ASS_CANCELED.
(agent_card_pksign): Ditto.
2012-01-25 19:40:58 -05:00
Werner Koch
2be7818c6d Fix strerror vs. gpg_strerror usage.
This bug was introduced by the migration to npth.
* agent/gpg-agent.c (handle_connections): Use strerror.
2012-01-25 14:59:01 +01:00
Werner Koch
15eddd217f Re-indent overlong lines.
--
2012-01-25 14:50:47 +01:00
Werner Koch
a55d2e16f1 Add missing variable.
* agent/gpg-agent.c (handle_connections) [!W32]: Add missing variable.
2012-01-25 14:50:47 +01:00
Marcus Brinkmann
4074f96627 Port LDAP wrapper to NPTH.
* agent/gpg-agent.c (handle_connections): Handle error.
* dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c: Port to NPTH.
2012-01-25 14:50:47 +01:00
Marcus Brinkmann
ccbb4c3652 Port Windows code to NPTH.
* agent/gpg-agent.c (get_agent_ssh_socket_name): Use
INVALID_HANDLE_VALUE instead of 0.
(handle_signal) [!HAVE_W32_SYSTEM]: Don't define.
(handle_connections): Port Windows code to NPTH.
* dirmngr/dirmngr.c (handle_connections): Port Windows code to NPTH.
* g13/g13.c (handle_connections): Port Windows code to NPTH.
* scd/scdaemon.c (handle_connections): Port Windows code to NPTH.
2012-01-25 14:50:47 +01:00
Marcus Brinkmann
7a7a597827 Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-25 14:50:47 +01:00
Ben Kibbey
ae981dd8f4 Add the INQUIRE_MAXLEN status message.
This status message is used to inform the client of the maximum length
of an inquired passphrase and is used in pinentry-mode=loopback.

* agent/command.c (pinentry_loopback): Send the INQUIRE_MAXLEN status
message before doing the inquire.
2012-01-17 19:49:10 -05:00
Jim Meyering
37801918cb gpg-agent: fix lc-messages handling not to change Xauthority setting
* agent/gpg-agent.c (main): Supply omitted "break" statement for
lc-messages option.  Otherwise, control would fall through to the
following oXauthority case and use the same value there.
2012-01-16 11:49:38 +01:00
Werner Koch
75a402fc25 Fix indentation. 2012-01-15 12:37:33 +01:00
Ben Kibbey
4f21f8d6e1 Fix scdaemon pinentry inquire cancelation.
Similar to commit 29af488 but also fixes PKDECRYPT and PKSIGN.

* agent/call-scd.c (agent_card_pkdecrypt): Check for GPG_ERR_CANCELED
when returning from the PKDECRYPT operation of scdaemon and cancel the
inquire.
(agent_card_pksign): Ditto.
(cancel_inquire): New.
2012-01-14 10:29:35 -05:00
Werner Koch
d01d9ff11f Terminate csh commands with a semicolon.
Fixes bug#1386.

* agent/gpg-agent.c (main): Terminate csh style output with a semicolon.
* scd/scdaemon.c: Ditto.
2012-01-03 11:13:30 +01:00
Marcus Brinkmann
a2d9e48fcc Only set gcrypt thread callback for older version of gcrypt.
* agent/gpg-agent.c, dirmngr/dirmngr.c, g13/g13.c, scd/scdaemon.c
(USE_GCRY_THREAD_CBS): New macro, defined if
GCRY_THREAD_OPTION_VERSION is 0.
(fixed_gcry_pth_init) [!USE_GCRY_THREAD_CBS]: Don't define.
(main) [!USE_GCRY_THREAD_CBS]: Do not install thread callbacks.
2012-01-02 22:15:00 +01:00
Werner Koch
366512abe4 Require Libassuan 2.0.3
* configure.ac: Require Libassuan 2.0.3.
* agent/call-scd.c (ASSUAN_CONVEY_COMMENTS): Remove macro replacement.
* agent/command.c (cmd_killagent) [ASSUAN_FORCE_CLOSE]: Remove
dependency.
(cmd_killagent) [ASSUAN_FORCE_CLOSE]: Ditto.
* scd/command.c (cmd_killscd) [ASSUAN_FORCE_CLOSE]: Ditto.
2011-12-20 11:12:21 +01:00
NIIBE Yutaka
f6251c0d0a Don't kill pinentry by SIGKILL but let it quit by SIGINT.
* agent/call-pinentry.c (agent_popup_message_stop): To pinentry, send
SIGINT (was: SIGKILL).
2011-12-16 09:09:41 +09:00
Werner Koch
45cf9de341 agent: Pass comment lines from scd verbatim thru gpg-agent.
* agent/call-scd.c (pass_status_thru): Pass comment lines verbatim.
* tools/gpg-connect-agent.c (help_cmd_p): New.
(main): Treat an "SCD HELP" the same as "HELP".
2011-12-14 15:42:28 +01:00
Werner Koch
9274d4d182 Fix last change.
* agent/command.c (start_command_handler): Remove use of removed var.
2011-12-05 15:14:47 +01:00
Werner Koch
477360e8cd Amend the agent code with more comments.
* agent/command.c (server_local_s): Remove unused field MESSAGE_FD.
2011-12-05 15:05:57 +01:00
Werner Koch
2336b09779 Generate the ChangeLog from commit logs.
* scripts/gitlog-to-changelog: New script.  Taken from gnulib.
* scripts/git-log-fix: New file.
* scripts/git-log-footer: New file.
* doc/HACKING: Describe the ChangeLog policy
* ChangeLog: New file.
* Makefile.am (EXTRA_DIST): Add new files.
(gen-ChangeLog): New.
(dist-hook): Run gen-ChangeLog.

Rename all ChangeLog files to ChangeLog-2011.
2011-12-01 11:09:02 +01:00
Werner Koch
781e9746df Improve ssh card key diagnostic message.
* command-ssh.c (card_key_available): Change wording of no key
diagnostic.
(ssh_handler_request_identities): Do not call card_key_available
if the scdaemon is disabled.
2011-11-28 10:48:25 +01:00
Ben Kibbey
0dcf517700 Allow no protection in pinentry-mode=loopback.
When the inquired passphrase has a 0 length then treat it as no
protection.
2011-09-13 08:33:43 +02:00
Ben Kibbey
eb5709f554 Fixed invalid free. 2011-09-13 08:33:01 +02:00
Ben Kibbey
fb1cdd7b0e Handle pinentry-mode=loopback.
When this mode is set an inquire will be sent to the client to retrieve
the passphrase. This adds a new inquire keyword "NEW_PASSPHRASE" that the
GENKEY and PASSWD commands use when generating a new key.
2011-09-12 09:54:16 +02:00
Werner Koch
816bee1fa0 Fixed set but unused variable bugs 2011-08-10 14:11:30 +02:00
Ben Kibbey
28eac436bb Update option s2k-count to match the documentation.
The option would previously return an error if its value was < 65536.
2011-08-10 12:46:06 +02:00
Werner Koch
81389383a3 Made the KILLAGENT and KILLSCD commands working again.
This requires that GnuPG is build with a newer version of Libassuan
(2.0.3).
2011-08-10 11:47:04 +02:00
Werner Koch
809dfd70e3 Make the inquire cancel fix a little bit more robust. 2011-07-27 11:10:15 +02:00
Ben Kibbey
29af48840f Fixed gpg-agent SCD inquire command cancellation.
Need to send the CANCEL command back to scdaemon otherwise the next SCD
command will fail.
2011-07-27 10:58:52 +02:00
Werner Koch
6f86ee812f Fix crash while reading unsupported ssh keys.
This bug was found by n-roeser at gmx.net
(gnupg-devel@, msgid 4DFC7298.4040509@gmx.net).
2011-07-22 09:29:40 +02:00
Werner Koch
093ed70fbf Allow listing of ssh fingerprint with the agent's KEYINFO command. 2011-07-20 21:13:24 +02:00
Werner Koch
d479906991 Support a confirm flag for ssh.
This implements the suggestion from bug#1349.  With this change the
fingerprint of the ssh key is also displayed in the pinentry prompts.
2011-07-20 20:49:41 +02:00
Ben Kibbey
137e3a0fbc Added gpg-agent OPTION "s2k-count".
When unset or 0, the calibrated count will be used.
2011-06-29 13:17:25 +02:00
Marcus Brinkmann
1c684df5b8 Fix size_t vs int issues. 2011-06-01 21:43:30 +02:00
Werner Koch
f8285f9b00 Add fixme note regarding pth_kill 2011-04-29 16:44:28 +02:00
Werner Koch
817f07173c Fixed regression in OpenPGP secret key export.
The protection used in the exported key used a different iteration
count than given in the S2K field.  Thus all OpenPGP keys exported
from GnuPG 2.1-beta can't be imported again.  Given that the actual
secret key material is kept in private-keys-v1.d/ the can be
re-exported with this fixed version.
2011-04-26 20:39:09 +02:00
Werner Koch
4caa768f1d Add OPTION:cache-ttl-opt-preset to gpg-agent.
This option may be used to change the default ttl values use with the
--preset option of GENKEY and PASSWD.
2011-04-21 15:40:48 +02:00
Marcus Brinkmann
70b871abbc Fix gpg-agent secure memory leak in OpenPGP private key import.
2011-04-20  Marcus Brinkmann  <mb@g10code.com>

        * command.c (cmd_import_key): Release key from failed import
        before converting openpgp private key in the openpgp-private-key
        case.
2011-04-20 11:33:09 +02:00
Ben Kibbey
b5f585f7d7 Another PASSWD --preset fix.
Check for an error before presetting the passphrase.
2011-04-18 10:20:36 +02:00
Ben Kibbey
b3c71eb26b Fixed PASSWD --preset.
The previous patch required that the keygrip be cached before adding the
new passphrase to the cache. No more.
2011-04-13 14:15:21 +02:00
Werner Koch
f8c5395fbd Use macros for the 120 and 900s cache TTLs. 2011-04-12 18:20:46 +02:00
Ben Kibbey
a9edbfb3a3 Added PASSWD --preset. 2011-04-12 18:04:53 +02:00
Ben Kibbey
944bf8f5b5 Added GENKEY --preset to add the passphrase of the generated key to the cache. 2011-04-12 18:00:59 +02:00
Ben Kibbey
893b455a3d Added KEYINFO field to show the protection type of a key. This differs from the second field which shows the location of the key. 2011-04-12 17:59:27 +02:00
Werner Koch
b9bcc77d6c Make use of gcry_kdf_derive.
Factoring common code out is always a Good Thing.  Also added a
configure test to print an error if gcry_kdf_derive is missing in
Libgcrypt.
2011-03-10 18:39:34 +01:00
Werner Koch
327af90594 Require libgcrypt 1.5
Without Libgcrypt 1.5 is was not possible to use ECC keys.  ECC is
major new feature and thus it does not make sense to allow building
with an older Libgcrypt without supporting ECC.

Also fixed a few missing prototypes.
2011-03-08 12:23:59 +01:00
Ben Kibbey
3582e2efa4 Added option --inquire to PRESET_PASSPHRASE. Note that the inquired passphrase will be truncated to the first encountered null byte. 2011-03-04 09:39:39 +01:00
Werner Koch
b786f0e12b New agent option pinentry-mode.
This provides the framework and implements the ask, cancel and error.
loopback will be implemented later.
2011-03-03 18:35:08 +01:00
Werner Koch
1c09def22d Fix usage of SHA-2 algorithm with OpenPGP cards.
This was a regression in 2.1 introduced due to having the agent do the
signing in contrast to the old "SCD PKSIGN" command which accesses the
scdaemon directly and passed the hash algorithm.  The hash algorithm
is used by app-openpgp.c only for a sanity check.
2011-03-02 15:35:10 +01:00
Werner Koch
b7f74f5b46 Add comment to last patch. 2011-03-02 09:54:18 +01:00
Ben Kibbey
cb803a4b27 Added option --data to KEYINFO to return the result with a data response. 2011-03-02 09:45:31 +01:00
Ben Kibbey
fa58a834ff Let KEYINFO show the cached status of a key grip. 2011-03-02 09:32:35 +01:00
Werner Koch
528d77a0cc Rename Ben's new option. 2011-03-02 09:11:40 +01:00
Ben Kibbey
0706511b6d Added CLEAR_PASSPHRASE option --agent to search the cache for a cacheid with a mode of CACHE_MODE_NORMAL. These cache modes are created with PKDECRYPT. 2011-03-02 09:08:00 +01:00
Werner Koch
8a7336e0bf Fix ECDSA 521 bit signing.
This fix also allows the creation and use of an 521 bit ECDH key which
used to fail while creating the binding signature.
2011-02-07 14:38:39 +01:00
Werner Koch
b008274afd Nuked almost all trailing white space.
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces.  In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much.  For future commits the pre-commit scripts
checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Werner Koch
0b5bcb40cf Finished ECC integration.
Wrote the ChangeLog 2011-01-13 entry for Andrey's orginal work modulo
the cleanups I did in the last week.  Adjusted my own ChangeLog
entries to be consistent with that entry.

Nuked quite some trailing spaces; again sorry for that, I will better
take care of not saving them in the future.  "git diff -b" is useful
to read the actual changes ;-).

The ECC-INTEGRATION-2-1 branch can be closed now.
2011-02-03 16:35:33 +01:00
Werner Koch
4659c923a0 Sample ECC keys and message do now work.
Import and export of secret keys does now work.  Encryption has been
fixed to be compatible with the sample messages.

This version tests for new Libgcrypt function and thus needs to be
build with a new Libgcrypt installed.
2011-02-02 15:48:54 +01:00
Werner Koch
328a642aa5 Fixed the ECC interface to Libgcrypt to be ABI compatible with the previous version.
Quite some changes were needed but in the end we have less code than
before.  Instead of trying to do everything with MPIs and pass them
back and forth between Libgcrypt and GnuPG, we know use the
S-expression based interface and make heavy use of our opaque MPI
feature.

Encryption, decryption, signing and verification work with
self-generared keys.

Import and export does not yet work; thus it was not possible to check
the test keys at https://sites.google.com/site/brainhub/pgpecckeys .
2011-01-31 15:44:24 +01:00
Werner Koch
0fb0bb8d9a Reworked the ECC changes to better fit into the Libgcrypt API.
See ChangeLog for details.  Key generation, signing and verification works.
Encryption does not yet work.  Requires latest Libgcrypt changes.
2011-01-31 09:27:06 +01:00
Werner Koch
c5e8a4c0fd Merge branch 'master' into ECC-INTEGRATION-2-1 2011-01-24 12:24:11 +01:00
Werner Koch
27929981fc Make most of the selftests work.
Note that there is still a problem with tests/openpgp/sigs.test while
using the option --digest-algo SHA256.
2011-01-21 15:22:41 +01:00
Werner Koch
90b0ff23b7 Editorial changes and allow building with old libgcrypts.
Changed order of some conditional to make to put the special case into
the true branch.  Indentation changes.  Minor other changes to make the
ECC code more similar to the rest of our code.

It builds but many sefltests still fail.  Need to fix that before
using it with an ECDH enabled libgcrypt.

[/]
2011-01-21  Werner Koch  <wk@g10code.com>

	* configure.ac: Need Libgcrypt 1.4.6 due to AESWRAP.
	(HAVE_GCRY_PK_ECDH): Add new test.

[agent/]
2011-01-21  Werner Koch  <wk@g10code.com>

	* cvt-openpgp.c (GCRY_PK_ECDH) [!HAVE_GCRY_PK_ECDH]: New.

[include/]
2011-01-21  Werner Koch  <wk@g10code.com>

	* cipher.h (GCRY_PK_USAGE_CERT): Remove compatibility macros
	because we now require libgcrypt 1.4.6.
	(GCRY_PK_ECDH): Add replacement.
2011-01-21 12:00:57 +01:00
Werner Koch
13acd78a39 Fixed a CR/LF problem on Windows 2011-01-19 18:05:15 +01:00
Andrey Jivsov
b73d8ed06f Fixed key generation with P-521. Confirmed that signature generation and verification work. 2011-01-12 21:14:45 -08:00
Andrey Jivsov
e0972d3d96 Integrating http://code.google.com/p/gnupg-ecc/source/detail?r=15 .
The following works:
   gpg2 --gen-key (ECC)
   gpg2 --list-keys
   gpg2 --list-packets ~/.gnupg/pubring.gpg
   gpg2 --list-packets <private key from http://sites.google.com/site/brainhub/pgpecckeys>

ECDH doesn't work yet as the code must be re-written to adjust for gpg-agent refactoring.
2011-01-05 17:33:17 -08:00
Werner Koch
64a786b2d9 Change timer tick interval under Wince 2010-12-02 18:40:03 +00:00
Werner Koch
fcb5f7d08f s/AES/AES128/ in diagnostics and --list-config 2010-12-02 15:49:02 +00:00
Werner Koch
6dda170e32 Remove recently added debug output 2010-12-02 13:53:18 +00:00
Werner Koch
3d9e25e072 Init cache encryption on the fly.
add some debug code
2010-11-29 06:49:44 +00:00
Werner Koch
41a33e0c78 Remove superfluous parameter.
Make self-check interval larger
2010-11-26 09:42:56 +00:00
Werner Koch
b3f9e2130e Change stack size for Wince.
Allow for a longer agent atartup under wince.
Print gpg output via estream.
2010-11-23 18:46:41 +00:00
Werner Koch
2c982dcf86 Fix bug where scdaemon kills a non-daemon gpg-agent. 2010-11-11 15:07:37 +00:00
Werner Koch
dc5150db78 Honor TMPDIR. 2010-10-27 07:37:52 +00:00
Werner Koch
02e4c3cb7e Re-implemented GPG's --passwd command and improved it. 2010-10-26 09:10:29 +00:00
Werner Koch
52cbcd94ac Re-enabled german translation 2010-10-18 14:56:52 +00:00
Werner Koch
6872919efe Fix a signing problem with the card 2010-10-18 12:59:19 +00:00
Werner Koch
764e88d4df All tests work are again working 2010-10-14 16:34:31 +00:00
Werner Koch
fd19a84c80 Some tweaks to the agent startup. 2010-10-14 08:32:55 +00:00
Werner Koch
54591341a4 More agent support for gpg. 2010-10-13 15:57:08 +00:00
Werner Koch
002b30e75c Import fixes.
new otion for watchgnupg
2010-10-06 11:29:10 +00:00
Werner Koch
cc71376bce Don't set SSH_AGENTPID_INFO.
Doc fixes.
Allow TCP and local sockets in watchgnupg.
2010-10-05 19:05:43 +00:00
Werner Koch
bfbd80feb9 Exporting secret keys via gpg-agent is now basically supported.
A couple of forward ported changes.
Doc updates.
2010-10-01 20:33:53 +00:00
Werner Koch
4fdd83b401 Fix standard directories for Wince.
Typo fix.
2010-09-13 10:17:04 +00:00
Werner Koch
90a4599c5e Obscure the cached passphrases. 2010-09-02 10:46:23 +00:00
Werner Koch
a0b9ebfb7d Even less prompts for a new key now. 2010-09-01 12:49:05 +00:00
Werner Koch
31bc3c8edd s/CACHE_MODE_IMPGEN/CACHE_MODE_NONCE/.
Prepare for more use cases of the cache nonce.
2010-09-01 11:07:16 +00:00
Werner Koch
9a9b3da58f Use passphrase caching for import and genkey. 2010-09-01 09:48:35 +00:00
Werner Koch
87fac99112 Import OpenPGP keys into the agent. 2010-08-31 15:58:39 +00:00
Werner Koch
a400cfe14e . 2010-08-26 08:47:42 +00:00
Werner Koch
34dde96669 Fix regression in logging.
Add a registry key to enable catch-all remote debugging for W32.
Replace more stdio stuff by estream.
2010-08-18 19:25:15 +00:00
Werner Koch
d4d61b87f1 Fix dirmngr problems on CE.
Add new dirmngr commands.
Minor other fixes.
2010-08-12 11:43:46 +00:00
Werner Koch
8a61c30207 Pass on comments from SCD. 2010-08-11 13:11:04 +00:00
Werner Koch
e52f93433c Support logging via TCP 2010-08-09 15:40:29 +00:00
Werner Koch
c8bafe218c Fix a regression from 2010-06-09. 2010-06-24 10:51:30 +00:00
Werner Koch
1e7b03ef25 Remove cruft. 2010-06-21 10:04:36 +00:00
Werner Koch
91056b1976 Implement export of pkcs#12 objects using a direct agent connection. 2010-06-21 10:01:24 +00:00
Werner Koch
006fd75aea Avoid using the protect-tool to import pkcs#12. 2010-06-17 15:44:44 +00:00
Werner Koch
c3f08dcb72 Merged Dirmngr with GnuPG.
A few code changes to support dirmngr.
2010-06-09 16:53:51 +00:00
Werner Koch
bbe388b5db Add unfinished gpgtar.
Collected changes and ports of bug fixes from stable.
2010-06-07 13:33:02 +00:00
Werner Koch
f5551672fb Update tests. 2010-05-11 18:00:31 +00:00
Werner Koch
51e2703abe Auto starting the agent does now work on CE. 2010-05-04 15:21:47 +00:00
Werner Koch
8524ac000c auto start the agent if --use-standard-socket is in use. 2010-05-03 15:23:10 +00:00
Werner Koch
5b341a9a47 Ignore a stale agent socket. 2010-04-26 14:51:38 +00:00
Werner Koch
a1412b05de More changes on the way to remove secring.gpg. 2010-04-21 16:26:17 +00:00
Werner Koch
08ee8adc45 Remove dependency to simple-pwquery. 2010-04-14 16:52:02 +00:00
Werner Koch
53c636c4c6 ./autogen.sh --build-w32ce does now succeed. 2010-04-14 14:39:16 +00:00
Werner Koch
31d7bdfe77 Whole lot of changes to support CE. 2010-04-14 11:24:02 +00:00
Werner Koch
e64038608b More chnages to use estream. Add a way to replace the standard
descriptors.
2010-03-22 12:46:05 +00:00
Werner Koch
37870234a1 Use a custom log handler for libassuan. 2010-03-11 12:34:11 +00:00
Werner Koch
d8b1099d01 Merged jnlib into common. 2010-03-10 12:24:58 +00:00
Werner Koch
0e018d7144 Some minor changes and typo fixes.
Started to implement a TCP option in gpg-connect-agent.
2010-02-26 10:52:05 +00:00
Werner Koch
01a571a16b Provide default strings for the pinentry. 2010-02-17 19:03:37 +00:00
Werner Koch
7e97da9127 Fixed a regression introduced with 2.0.14. 2010-01-26 16:15:12 +00:00
Werner Koch
be45bf3d54 Add dummu option --passwd for gpg.
Collected changes.
2010-01-08 19:18:49 +00:00
Werner Koch
34baa18187 Do not use the VMC C reserved word readonly. 2009-12-15 11:03:17 +00:00
Werner Koch
4d693033ab Implement dynamic S2K count computation. 2009-12-14 20:12:56 +00:00
Werner Koch
9a96043be4 Unification of the search descriptor usage. 2009-12-08 16:30:33 +00:00
Marcus Brinkmann
146a4665bb common/
2009-12-08  Marcus Brinkmann  <marcus@g10code.de>

	* asshelp.c (start_new_gpg_agent): Convert posix FD to assuan FD.

agent/
2009-12-08  Marcus Brinkmann  <marcus@g10code.de>

	* call-pinentry.c (start_pinentry): Convert posix fd to assuan fd.
	* call-scd.c (start_scd): Likewise.

sm/
2009-12-08  Marcus Brinkmann  <marcus@g10code.de>

	* call-dirmngr.c (start_dirmngr_ext): Convert posix fd to assuan fd.

tools/
2009-12-08  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-connect-agent.c (main): Convert posix fd to assuan fd.
2009-12-08 04:43:15 +00:00
Werner Koch
cb5491bfaf support numeric debug levels. 2009-12-03 18:04:40 +00:00
Werner Koch
edd95da365 Fix usage of realloc. 2009-12-02 19:00:10 +00:00
Marcus Brinkmann
e1172f00be 2009-11-27 Marcus Brinkmann <marcus@g10code.de>
* command.c (start_command_handler): Do not call
	assuan_set_log_stream anymore.
	* gpg-agent.c (main): But call assuan_set_assuan_log_stream here.
2009-11-27 19:13:02 +00:00
Marcus Brinkmann
18bdcc0881 agent/
2009-11-25  Marcus Brinkmann  <marcus@g10code.de>

	* command.c (start_command_handler): Use assuan_fd_t and
	assuan_fdopen on fds.

scd/
2009-11-25  Marcus Brinkmann  <marcus@g10code.de>

	* command.c (scd_command_handler): Use assuan_fd_t and
	assuan_fdopen on fds.

sm/
2009-11-25  Marcus Brinkmann  <marcus@g10code.de>

	* server.c (gpgsm_server): Use assuan_fd_t and assuan_fdopen on
	fds.

g10/
2009-11-25  Marcus Brinkmann  <marcus@g10code.de>

	* server.c (gpg_server): Use assuan_fd_t and assuan_fdopen on fds.
2009-11-25 17:58:26 +00:00
Marcus Brinkmann
1d3c39fd7b agent/
2009-11-05  Marcus Brinkmann  <marcus@g10code.de>

	* call-pinentry.c (start_pinentry): Call assuan_pipe_connect, not
	assuan_pipe_connect_ext.
	* command.c (start_command_handler): Change
	assuan_init_socket_server_ext into assuan_init_socket_server.
	* call-scd.c (start_scd): Update use of assuan_socket_connect and
	assuan_pipe_connect.
	* gpg-agent.c (check_own_socket_thread, check_for_running_agent):
	Update use of assuan_socket_connect.

common/
2009-11-05  Marcus Brinkmann  <marcus@g10code.de>

	* asshelp.c (start_new_gpg_agent): Update use of
	assuan_socket_connect and assuan_pipe_connect.

scd/
2009-11-05  Marcus Brinkmann  <marcus@g10code.de>

	* command.c (scd_command_handler): Call assuan_init_socket_server,
	not assuan_init_socket_server_ext.

sm/
2009-11-05  Marcus Brinkmann  <marcus@g10code.de>

	* call-dirmngr.c (start_dirmngr_ext): Update use of
	assuan_pipe_connect and assuan_socket_connect.

tools/
2009-11-05  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-connect-agent.c (start_agent): Update use of
	assuan_socket_connect and assuan_pipe_connect.
2009-11-05 12:06:45 +00:00
Werner Koch
0781afbd9e Add help strings for all commands. 2009-11-04 11:58:06 +00:00
Werner Koch
8e8368b00e Adjust for assuan_register_command change. 2009-11-04 10:06:38 +00:00
Marcus Brinkmann
717c38381a agent/
2009-11-02  Marcus Brinkmann  <marcus@g10code.de>

	* command.c (reset_notify): Take LINE arg and return error.
	(register_commands): Use assuan_handler_t type.

common/
2009-11-02  Marcus Brinkmann  <marcus@g10code.de>

	* get-passphrase.c (default_inq_cb, membuf_data_cb): Change return
	type to gpg_error_t.

g10/
2009-11-02  Marcus Brinkmann  <marcus@g10code.de>

	* server.c (reset_notify, input_notify, output_notify): Update to
	new assuan interface.
	(register_commands): Use assuan_handler_t.

scd/
2009-11-02  Marcus Brinkmann  <marcus@g10code.de>

	* command.c (reset_notify): Take LINE arg and return error.
	(register_commands): Use assuan_handler_t type.

sm/
2009-11-02  Marcus Brinkmann  <marcus@g10code.de>

	* server.c (reset_notify, input_notify, output_notify): Update to
	new assuan interface.
	(register_commands): Use assuan_handler_t.
	* call-agent.c (membuf_data_cb, default_inq_cb)
	(inq_ciphertext_cb, scd_serialno_status_cb)
	(scd_keypairinfo_status_cb, istrusted_status_cb)
	(learn_status_cb, learn_cb, keyinfo_status_cb): Return gpg_error_t.
2009-11-02 17:47:11 +00:00
Marcus Brinkmann
de563fdeb5 2009-10-16 Marcus Brinkmann <marcus@g10code.com>
* configure.ac: Check for libassuan instead of libassuan-pth.

common/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* Makefile.am (libcommon_a_CFLAGS): Use LIBASSUAN_CFLAGS instead
	of LIBASSUAN_PTH_CFLAGS.

scd/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* AM_CFLAGS, scdaemon_LDADD: Use libassuan instead of libassuan-pth.
	* scdaemon.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
	(main): Call assuan_set_system_hooks and assuan_sock_init.

g13/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* AM_CFLAGS, g13_LDADD: Use libassuan instead of libassuan-pth.
	* g13.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
	(main): Call assuan_set_system_hooks.

agent/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* gpg_agent_CFLAGS, gpg_agent_LDADD: Use libassuan instead of
	libassuan-pth.
	* gpg-agent.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
	(main): Call assuan_set_system_hooks and assuan_sock_init.
	Fix invocation of assuan_socket_connect.
2009-10-16 18:35:03 +00:00
Werner Koch
1d0e9816e4 s/DOTLOCK/dotlock_t/.
Add some stuff for g13.
2009-09-23 10:28:41 +00:00
Marcus Brinkmann
3974488cd1 2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION):
	Update to new API (2, 1.1.0).

agent/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-agent.c (parse_rereadable_options): Don't set global assuan
	log file (there ain't one anymore).
	(main): Update to new API.
	(check_own_socket_pid_cb): Return gpg_error_t instead of int.
	(check_own_socket_thread, check_for_running_agent): Create assuan
	context before connecting to server.
	* command.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(write_and_clear_outbuf): Use gpg_error_t instead of
	assuan_error_t.
	(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
	(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
	(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
	(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
	(cmd_get_confirmation, cmd_learn, cmd_passwd)
	(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
	(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
	(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
	(post_cmd_notify): Change type of ERR to gpg_error_t from int.
	(io_monitor): Add hook argument.  Use symbols for constants.
	(register_commands): Change return type of HANDLER to gpg_error_t.
	(start_command_handler): Allocate assuan context before starting
	server.
	* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
	of GPG_ERR_SOURCE_DEFAULT check.
	(unlock_pinentry): Call assuan_release instead of
	assuan_disconnect.
	(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
	(start_pinentry): Allocate assuan context before connecting to
	server.
	* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
	(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
	(pass_data_thru): Change return type to gpg_error_t.
	(start_scd): Allocate assuan context before connecting to server.

common/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* asshelp.c (start_new_gpg_agent): Allocate assuan context before
	starting server.

g10/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
	(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
	(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
	int.
	* gpg.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(main): Update to new Assuan API.
	* server.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
	(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
	(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
	(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
	instead of int.
	(register_commands): Allocate assuan context before starting
	server.
	(gpg_server): Allocate assuan_context before starting server.

scd/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* command.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert)
	(cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt)
	(cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
	(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock)
	(cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu)
	(cmd_killscd): Return gpg_error_t instead of int.
	(scd_command_handler): Allocate assuan context before starting server.
	* scdaemon.c (main): Update to new Assuan API.

sm/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* gpgsm.c (main): Update to new assuan API.
	* server.c: Include "gpgsm.h" before <assuan.h> due to check for
	GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h.
	(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
	(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
	(cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys)
	(cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey)
	(cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int.
	(register_commands): Same for member HANDLER in table.
	(gpgsm_server): Allocate assuan context before starting server.
	* sm/call-dirmngr.c:
	* call-dirmngr.c (prepare_dirmngr): Check for CTX and error before
	setting LDAPSERVER.
	(start_dirmngr_ext): Allocate assuan context before starting
	server.
	(inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb)
	(run_command_cb, run_command_inq_cb, run_command_status_cb):
	Return gpg_error_t instead of int.

tools/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
	(main): Update to new Assuan API.
2009-09-23 00:01:25 +00:00
Marcus Brinkmann
8cdc6e85ec 2009-09-04 Marcus Brinkmann <marcus@g10code.com>
* command.c (start_command_handler): Add comment about gap in
	implementation (in dead code), for future reference.
2009-09-04 17:39:50 +00:00
Werner Koch
25659d66f1 Ask to insert the right OpenPGP card. 2009-08-11 10:56:44 +00:00
Werner Koch
0792525d22 Make bug reporting address easier changeable. 2009-07-21 14:21:05 +00:00
Werner Koch
2193992559 Impleemned gpgsm's IMPORT --re-import feature.
Typo fix.
2009-07-07 16:52:12 +00:00
Werner Koch
f6f5430e50 Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
Werner Koch
2e0ce7d97f Fixed a bunch of little bugs as reported by Fabian Keil.
Still one problem left; marked with a gcc #warning.
2009-06-24 14:03:09 +00:00
Werner Koch
e05aeca87b Post release updates 2009-06-17 11:57:24 +00:00
Werner Koch
aa03d8f184 Use cancel button in confirmation only if requested. 2009-06-17 10:19:50 +00:00
Werner Koch
bdbeb0ac2b app-openpgp changes 2009-06-09 19:11:28 +00:00
Werner Koch
227d6626b0 Fix last change 2009-06-05 20:51:52 +00:00
Werner Koch
dac70ca2fd Fixed an fopen problem on Windows Vista. 2009-06-03 17:24:24 +00:00
Werner Koch
323cca8041 Fix for bug#1066.
A couple of minor changes.
2009-06-02 15:46:59 +00:00
Werner Koch
4fa261f8ec Fix possible system freeze on Mac OS X. 2009-05-19 22:39:45 +00:00
Werner Koch
002f51031a Fix bug #1053
Add option --qualitybar to command GET_PASSPHRASE.
2009-05-15 11:16:28 +00:00
Marcus Brinkmann
6763dd76e0 2009-04-14 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (agent_get_confirmation): Try SETNOTOK command
	with pinentry.
2009-04-14 20:36:14 +00:00
Werner Koch
0b99639624 Ported changes from 1.4. 2009-04-01 13:23:27 +00:00
Werner Koch
f8b4cd7650 Import/export of pkcs#12 now uses the gpg-agent directly.
Removed duplicated code (percent unescaping).
2009-04-01 10:51:53 +00:00
Werner Koch
98e1a75e20 Implement decryption for TCOS 3 cards. 2009-03-30 12:46:06 +00:00
Werner Koch
990585ad7d Signing using Netkey 3 cards does now work. 2009-03-26 19:27:04 +00:00
Werner Koch
6e63e54b00 Fixed a trustlist update problem.
Pretty format the marktrusted pinentry prompt.
2009-03-26 11:33:53 +00:00
Werner Koch
ceb42db4dd Print NO_SECKEY status line in gpgsm.
This fixes bug#1020.
2009-03-25 16:05:16 +00:00
Werner Koch
6dc17a2b4d log file fixes. 2009-03-25 14:58:31 +00:00
Werner Koch
36d681d98e Fix keygrip computation for TCOS 3 cards.
Emit PROGRESS status lines during --learn-card.
2009-03-20 19:04:47 +00:00
Werner Koch
c2c3cf4be1 Changed order of the confirmation questions for root certificates
and stores negative answers in trustlist.txt.
2009-03-19 10:21:51 +00:00
Werner Koch
588a7c34bb Make sure not to leak file descriptors if running gpg-agent with a
command.  Restore the signal mask to solve a problem in Mono.
2009-03-19 07:09:31 +00:00
Werner Koch
370f841a01 Enhanced last patch. 2009-03-17 17:59:36 +00:00
Werner Koch
6e7c855d98 Move password repetition from gpg to gpg-agent. 2009-03-17 12:13:32 +00:00
Werner Koch
a9c317a95c New gpg-agent command to list key information.
Gpgsm does now print the S/N of cards.
Consider ephemeral keys during listing an export.
2009-03-06 17:31:27 +00:00
Werner Koch
59d7a54e72 New PIN Callback attributes in gpg-agent.
Common prompts for keypad and simple card reader.
More support for Netkey cards;  PIN management works now.
2009-03-05 19:19:37 +00:00
Werner Koch
c20b3db108 Add --reload command to gpgconf.
Fix a problem in exechelp.c
Get ready for a release.
2009-03-03 09:02:58 +00:00
Werner Koch
b61b2f542a Add missing option strings. 2009-03-02 12:32:54 +00:00
Werner Koch
596a2237c7 Fix bug#1003. 2009-03-02 10:26:37 +00:00
Werner Koch
618afc4231 Fixed a nasty bug in scdaemon which led to a card reset if the card was
inserted  during scdaemon startup and a connection was made before the
ticker had a chance to run.  Add some stuff for better debugging.
2009-02-25 10:58:56 +00:00
Werner Koch
7bd2e417d1 Fixed some card related problems. 2008-12-18 16:34:28 +00:00
Werner Koch
6a09ba60cc Fix signal handling race condition. 2008-12-17 19:42:17 +00:00
Werner Koch
c3752d1057 Add option --no-ask for GET_PASSPHRASE. 2008-12-10 12:41:15 +00:00
Werner Koch
de9cc953af Preparing a release candidate. 2008-12-09 11:54:40 +00:00
Werner Koch
382d2f8efb Minor fixes. 2008-12-09 08:58:02 +00:00
Werner Koch
78ff45c49e Align ticker to the full or half second. 2008-12-08 19:10:42 +00:00
Werner Koch
041c764672 Add option --card-timeout.
Add a new attribyte to app-openpgp.c
Fix two portability bugs.
Have gpg-connect-agent autostart gpg-agent on W32.
2008-12-05 12:01:01 +00:00
Werner Koch
5dc1c18c3a Print library versions according to GNU standards. 2008-11-18 18:01:03 +00:00
Werner Koch
aec79fc731 Minor cleanups. 2008-11-11 08:22:06 +00:00
Werner Koch
8997c155e3 Check that the socket is well and served by us. 2008-10-29 17:24:27 +00:00
Werner Koch
0a5f742466 Marked all unused args on non-W32 platforms. 2008-10-20 13:53:23 +00:00
Werner Koch
0698c5169f Use more warning options with modern GCCs.
Other minor changes.
2008-10-17 19:18:46 +00:00
Werner Koch
b519a52cea Made scdaemon more robust on Windows. 2008-10-15 13:23:10 +00:00
Werner Koch
d0ca953014 SCD changes for PC/SC under W32. 2008-10-14 18:18:21 +00:00
Werner Koch
7d63aa42e5 Remove hacks which are not anymore needed since we now require Libgcrypt 1.4 2008-09-29 15:02:55 +00:00
Werner Koch
96f16f736e Finished support for v2 cards with the exception of secure messaging. 2008-09-25 10:06:02 +00:00
Werner Koch
f899b9683b Support the Certifciate DO of the v2 OpenPGP cards. 2008-09-23 09:57:45 +00:00
Werner Koch
5a8bf0bec6 Fix gpg-preset-passphrase bug.
Cleanups
2008-09-03 09:37:32 +00:00
Werner Koch
49b2db7636 Changes the header presented before requesting the user ID. 2008-06-01 19:44:05 +00:00
Werner Koch
138bf2dc15 Fixed segv in gpg-agent (command marktrusted).
Replaced almost all free by xfree.
Translation fixes.
2008-05-27 12:03:50 +00:00
Werner Koch
c2a8254be7 Fix a bug in the ambigious name detection.
Minor cleanups.
2008-03-20 15:31:43 +00:00
Werner Koch
30a97e770c Poems for AllowSetForegroundWindow (W32) 2008-02-14 19:50:10 +00:00
Marcus Brinkmann
a8fb3559b1 2008-01-15 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (start_pinentry): Start pinentry in detached
	mode.
2008-01-15 16:06:08 +00:00
Werner Koch
63ec0b271c Created help files form the current po entries. 2007-12-04 15:00:14 +00:00
Werner Koch
8c20500a5d Allow configuraton of pinentry tooltip.
Other minor buf fixes.
2007-12-04 11:23:31 +00:00
Werner Koch
5887cffd60 Fixed testing for an alive ssh standard socket. 2007-12-03 14:02:06 +00:00
Werner Koch
598a3d0ab4 [W32] Changed default socket for dirmngr.
[W32] Add some code for event notifications 
      between scdaemon and gpg-agent.
2007-11-27 08:01:19 +00:00
Werner Koch
55ba204bfa Started to implement the audit log feature.
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry.
Improved support for the quality bar.
Minor internal restructuring.
Translation fixes.
2007-11-19 16:03:50 +00:00
Werner Koch
fd5e7d44f3 Changed wording of passphrase checking messages.
Fixed a segv in gpg-connect-agent.
2007-10-24 08:06:16 +00:00
Werner Koch
c12ce55b25 Factored utf8 switching code out to i18n.c. 2007-10-19 15:58:38 +00:00
Werner Koch
917ee1d5fd 2007-10-15 Daiki Ueno <ueno@unixuser.org> (wk)
* command-ssh.c (reenter_compare_cb): New function; imported from
	genkey.c.
	(ssh_identity_register): Ask initial passphrase twice.
2007-10-15 14:50:07 +00:00
Werner Koch
ed7d2d72c6 Extended gpg-connect-agent.
New "GETINFO pid" command for scdaemon and gpg-agent.
2007-10-02 16:30:58 +00:00
Werner Koch
31c19d1d68 Use Assuan socket wrapper calls.
Made socket servers secure under Windows.
2007-10-01 14:48:39 +00:00
Werner Koch
a6b11ea482 Support the SETQUALITYBAR command of recent pinentries. 2007-09-18 11:40:09 +00:00
Marcus Brinkmann
58278955a7 2007-09-14 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (agent_popup_message_stop): Implement kill for
	Windows.
2007-09-14 14:25:02 +00:00
Werner Koch
19009f9959 Print used library version with --version.
Typo fixes
2007-09-14 13:38:36 +00:00
Werner Koch
b13587ef16 New command --check-programs for gpgconf. 2007-08-29 09:51:37 +00:00
Werner Koch
f268889b8f Add more passphrase policy rules.
(--max-passphrase-days).
2007-08-28 17:48:13 +00:00
Werner Koch
15d0cb42a1 Implemented more gpg-agen options to support certain passphrase policies.
New tool gpg-check-pattern.
2007-08-27 18:10:27 +00:00
Werner Koch
84efbe69c7 Fixed creation of private keys under W32.
Minor code cleanups.
2007-08-22 20:36:33 +00:00
Werner Koch
f81f521a72 Updated estream.
More changes for Windows.
2007-08-22 10:55:07 +00:00
Werner Koch
74d344a521 Implemented the chain model for X.509 validation. 2007-08-10 16:52:05 +00:00
Werner Koch
ebd36b6344 Factored common gpgconf constants out
Fixed W32 compare_filenames
2007-08-02 18:12:43 +00:00
Werner Koch
11573b09c4 Typo fixes.
Made --default-key work for gpgsm
Add --default-key and --encrypt-to to gpgconf.
2007-07-17 18:11:24 +00:00
Werner Koch
bce4ea798a Properly close files opened by es_fopen.
Allow setting of an empty passphrase.
Assorted W32 changes.
2007-07-16 09:53:47 +00:00
Werner Koch
2f6b5cee0a Last minute Makefile library reordering for the sake of non-GNU systems. 2007-07-05 20:11:11 +00:00
Werner Koch
4631bc8ddf Fixed card key generation of gpg2.
Reveal less information about timings while generating a key.
2007-07-05 16:58:19 +00:00
Werner Koch
93d3811abc Changed to GPLv3.
Removed intl/.
2007-07-04 19:49:40 +00:00
Werner Koch
f54b85bc2d A bunch of minor changes for Windows. 2007-07-04 09:34:28 +00:00
Werner Koch
a7fe86bc02 More W32 related changes 2007-06-26 13:48:44 +00:00
Werner Koch
0b66f30d66 Implemented the --gen-key command as we can't use the gpgsm-gencert.sh under Windows. 2007-06-21 18:44:48 +00:00
Werner Koch
09cc0ee7be [w32] gpg-agent is now started automagically by gpgsm. 2007-06-20 11:16:42 +00:00
Werner Koch
540f9164c0 Made percent_escape more general.
Added regression tests support to jnlib.
W32 changes.
2007-06-19 09:11:11 +00:00
Marcus Brinkmann
e47321829d jnlib/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* stringhelp.h (percent_escape): New prototype.
	* stringhelp.c (percent_escape): New function.

agent/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-agent.c (main): Percent escape pathname in --gpgconf-list
	output.

g10/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* gpg.c (gpgconf_list): Percent escape output of --gpgconf-list.

scdaemon/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* scdaemon.c (main): Percent escape output of --gpgconf-list.

sm/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* gpgsm.c (main): Percent escape output of --gpgconf-list.
2007-06-18 20:15:01 +00:00
Werner Koch
ad4a6067ca Add missing fiels for W32.
New agent commands: GETINFO and KILLAGENT (w32 only).
Agent does now detach from the console.
2007-06-18 10:33:12 +00:00
Werner Koch
0cfbfd6186 A whole bunch of changes to allow building for Windows.
See the ChangeLogs for details.
2007-06-14 17:05:07 +00:00
Werner Koch
2c9791db55 First steps towards supporting W32.
This is mainly source code reorganization.
Update gnulib.
g10/ does currently not build.
2007-06-06 18:12:30 +00:00
Marcus Brinkmann
b9042f1cec agent/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* protect-tool.c (get_passphrase): Free ORIG_CODESET on error.

g10/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* passphrase.c (passphrase_get): Free ORIG_CODESET on error.

sm/
2007-05-18  Marcus Brinkmann  <marcus@g10code.de>

	* qualified.c (gpgsm_qualified_consent,
	gpgsm_not_qualified_warning): Free ORIG_CODESET on error.
	* certdump.c (gpgsm_format_keydesc): Likewise.

tools/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* symcryptrun.c (confucius_get_pass): Free ORIG_CODESET on error.
2007-05-18 22:58:59 +00:00
Werner Koch
5f3bca9682 Use estream_asprintf instead of the GNU asprintf. 2007-05-15 16:10:48 +00:00
Werner Koch
b89d98e335 Improved logging for error orginating from libgcrypt. 2007-04-20 16:59:37 +00:00
Werner Koch
61bcf36235 * trustlist.c (read_trustfiles): Take a missing trustlist as an
empty one.
2007-04-03 18:43:00 +00:00
Werner Koch
fd628ffda1 Allow setting of the passphrase encoding of pkcs#12 files.
New option --p12-charset.
2007-03-20 10:00:55 +00:00
Werner Koch
083010a53d * PKCS#12 import now tries several encodings in case the passphrase
was not utf-8 encoded.
2007-03-19 18:54:34 +00:00
Werner Koch
ed84b0f787 Support for a global gpgconf configuration file. 2007-03-06 20:44:41 +00:00
Werner Koch
e8402d514e * call-pinentry.c (start_pinentry): Fix for OS X to allow loading
of the bundle.  Tested by Benjamin Donnachie.
2007-02-20 14:55:32 +00:00
Werner Koch
5240d014f8 agent/
* gpg-agent.c: New option --pinentry-touch-file.
	(get_agent_socket_name): New.
	* agent.h (opt):  Add pinentry_touch_file.
	* call-pinentry.c (start_pinentry): Send new option to the
	pinentry.
2007-02-14 16:27:55 +00:00
Werner Koch
cde3f5e61f agent/
* command-ssh.c (stream_read_string): Initialize LENGTH to zero.
	(start_command_handler_ssh): Use es_fgetc/es_ungetc to check if
	EOF has been reached before trying to process another request.
2007-01-31 14:52:48 +00:00
Werner Koch
b861561e47 Included LIBICONV in all Makefiles.
g10/
	* passphrase.c (passphrase_get): Set the cancel flag on all error
	from the agent.  Fixes a bug reported by Tom Duerbusch.
sm/
	* gpgsm.c (main): Let --gen-key print a more informative error
	message.
2007-01-31 14:24:41 +00:00
Werner Koch
0d4b205630 jnlib/
* stringhelp.c (utf8_charcount): New.
agent/
	* genkey.c (check_passphrase_constraints): Use UTF-8 aware strlen.
2007-01-25 10:26:55 +00:00
Werner Koch
39fbda4e3c agent/
* genkey.c (check_passphrase_constraints): Get ngettext call right.
2007-01-25 09:15:10 +00:00
Werner Koch
6cee3e66c2 agent/
* protect-tool.c (get_passphrase): New arg OPT_CHECK.
	(get_new_passphrase): Enable OTP_CHECK on the first call.
	* command.c (cmd_get_passphrase): Implement option --check.

	* gpg-agent.c (MIN_PASSPHRASE_LEN): New
	(parse_rereadable_options): New option 	--min-passphrase-len.
	* genkey.c (check_passphrase_constraints): New.
	(agent_genkey, agent_protect_and_store): Call new function.  Fix
	memory leak.

	* call-pinentry.c (agent_askpin): Allow translation of the displayed
	error message.
	(agent_popup_message_start): Remove arg CANCEL_BTN.
	(popup_message_thread): Use --one-button option.

	* command.c (cmd_passwd): Now that we don't distinguish between
	assuan and regular error codes we can jump to the end on error.

common/
	* simple-pwquery.c (simple_pwquery): New arg OPT_CHECK.
2007-01-25 08:30:47 +00:00
David Shaw
7b9eee1e5e Makefile.am: Link to iconv for jnlib dependency. (OSX) 2006-12-07 23:20:20 +00:00
Werner Koch
5885142c83 Made some PIN pads work.
Some cleanups for 64 bit CPUs.
2006-11-20 16:49:41 +00:00
Werner Koch
a9c688e4d9 Silent GETEVENT command. Requires latest libassuan.
agent/
* command.c (post_cmd_notify, io_monitor): New.
(register_commands, start_command_handler): Register them.
2006-11-14 16:40:44 +00:00
Werner Koch
a98ea89fa5 New command GETEVENTCOUNTER.
* command.c (bump_key_eventcounter): New.
(bump_card_eventcounter): New.
(cmd_geteventcounter): New command.
* gpg-agent.c (handle_signal): Call bump_card_eventcounter.
* findkey.c (agent_write_private_key): Call bump_key_eventcounter.
* trustlist.c (agent_reload_trustlist): Ditto.
2006-11-14 14:53:42 +00:00
Werner Koch
650293c4f6 sm/
* server.c (skip_options): Skip leading spaces.
(has_option): Honor "--".
(cmd_export): Add option --data to do an inline export.  Skip all
options.

* certdump.c (gpgsm_fpr_and_name_for_status): New.
* verify.c (gpgsm_verify): Use it to print correct status messages.

doc/
* gpgsm.texi (GPGSM EXPORT): Document changes.
2006-11-14 10:23:21 +00:00
Werner Koch
c1f4a8edff gpg-agent.c (main): In detached mode connect standard descriptors to /dev/null.
Other minor fixes
2006-11-09 16:09:46 +00:00
Werner Koch
7b8ea82ab6 . 2006-10-23 14:02:13 +00:00
Werner Koch
2a9f9d76a2 Allow importing of web.de generated p12 files 2006-10-23 10:52:23 +00:00
Werner Koch
df52700f5c Fixes 2006-10-19 14:22:06 +00:00
Werner Koch
be410be660 Pth tweaks and improved estream.c 2006-10-17 14:34:42 +00:00
Werner Koch
416ac2e4d7 Allow to cancel marktrusted. 2006-10-16 17:36:44 +00:00
Werner Koch
43825e9dae Allow pkcs#10 creation directkly from a smart card 2006-10-11 17:52:15 +00:00
Werner Koch
2e8481c03b Various changes 2006-10-10 11:11:04 +00:00
Werner Koch
4d770bedc1 Make it also work for the card. 2006-10-06 11:06:15 +00:00
Werner Koch
5134fc27b3 Add TLS hash mode 2006-10-06 10:58:18 +00:00
Werner Koch
158a69aff7 bug fixes 2006-10-05 11:06:42 +00:00
Werner Koch
8684a78518 Fixed agent access for gpg. 2006-10-04 16:45:04 +00:00
Werner Koch
f28d2d5c43 let cmd learn also return KEYPAIRINFO 2006-09-26 17:32:28 +00:00
Werner Koch
d94faf4a3d New "relax" option for trustlist.txt 2006-09-25 18:29:20 +00:00
Werner Koch
f9ff194bc2 Preparing a new release 2006-09-25 07:59:34 +00:00
Werner Koch
c69dc436ce Cleanups. 2006-09-20 11:01:49 +00:00
Werner Koch
7f42987b07 Allow for a global trustlist. 2006-09-15 18:53:37 +00:00
Werner Koch
03d3322e5f Take advantage of newer gpg-error features. 2006-09-14 16:50:33 +00:00
Werner Koch
9577dd45ab Various fixes and new features.
Enhanced gpg-connect-agent.
2006-09-13 15:57:30 +00:00
Werner Koch
6374763c98 Let scdaemon call a script on status changes 2006-09-07 15:13:33 +00:00
Marcus Brinkmann
bffa1dcf6e 2006-09-06 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (AM_CFLAGS): Add $(GPG_ERR_CFLAGS).
	(gpg_agent_LDADD): Replace -lgpg-error with $(GPG_ERROR_LIBS).
2006-09-06 20:57:57 +00:00
Werner Koch
eef036df23 The big Assuan error code removal. 2006-09-06 16:35:52 +00:00
Werner Koch
7b9fa9da99 Minor changes and typo fixes. 2006-09-06 11:53:24 +00:00
Werner Koch
529a543bb7 Added comamnds PUTVAL and GETVAL 2006-09-04 08:07:12 +00:00
Werner Koch
d8602648b8 See ChangeLogs 2006-08-29 16:18:30 +00:00
Werner Koch
6870dcf05d Allow for 4k ssh keys and better error reporting. 2006-08-29 13:12:01 +00:00
Werner Koch
b744f963d7 With --enable-gpg the keyservers are now build and a first test using gpg2
shows no prblems.   Needs more testing of course.
2006-08-16 10:47:53 +00:00
Marcus Brinkmann
6d77c76ef2 2006-07-29 Marcus Brinkmann <marcus@g10code.de>
* preset-passphrase.c (preset_passphrase): Do not strip off last
	character of passphrase.
	(make_hexstring): New function.
	* command.c (cmd_preset_passphrase): Use parse_hexstring to syntax
	check passphrase argument.  Truncate passphrase at delimiter.
2006-07-29 16:40:54 +00:00
Werner Koch
b37c1ce1b9 Create bag attributes so that Mozilla will accept these files.
Tested with using a CAcert generated certificate.
2006-07-24 11:20:33 +00:00
Werner Koch
d035d2a52e Support import from TrustedMIME (i.e. from simple keyBags) 2006-07-21 09:41:11 +00:00
Werner Koch
98c6970ad1 Various smaller changes 2006-06-27 14:32:34 +00:00
Werner Koch
f98537733a Updated FSF's address. 2006-06-20 17:21:37 +00:00
Werner Koch
f89ee4a44d Add MAC t P12 files. 2006-06-20 15:48:09 +00:00
Marcus Brinkmann
aed46885ab 2006-06-09 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (gpg_agent_LDADD): Add $(NETLIBS).
	(gpg_protect_tool_LDADD): Likewise.
	(gpg_preset_passphrase_LDADD): Likewise.
2006-06-09 10:28:26 +00:00
Marcus Brinkmann
55e3d83edf agent/
2006-06-09  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (gpg_agent_LDADD): Add $(NETLIBS).

scd/
2006-06-09  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (scdaemon_LDADD): Add $(NETLIBS).
2006-06-09 10:23:30 +00:00
Moritz Schulte
76cb368202 2006-04-09 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_request_process): Removed FIXME mentioning a
	possible DoS attack.
2006-04-09 11:31:37 +00:00
Moritz Schulte
4a31738bd1 2006-04-01 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_identity_register): Make KEY_GRIP_RAW be 20
	instead of 21 bytes long; do not fill KEY_GRIP_RAW[20] with NUL
	byte - KEY_GRIP_RAW is a raw binary string anyway.
2006-04-01 11:04:14 +00:00
Werner Koch
4472efd12c PIN caching of cards does now work. 2006-02-09 18:29:31 +00:00
Werner Koch
38e7c4c50a Fixed importing certs created by newer versions of Mozilla. 2005-12-16 15:52:48 +00:00
Werner Koch
6a13cf2c3d Preparing an interim release 2005-11-28 11:52:25 +00:00
Marcus Brinkmann
41e8fded0a agent/
2005-10-08  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (gpg_protect_tool_LDADD): Add ../gl/libgnu.a.
	(gpg_preset_passphrase_LDADD, t_common_ldadd): Likewise.
	(gpg_agent_LDADD): Add ../gl/libgnu.a after ../common/libcommon.a.

kbx/
2005-10-08  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (kbxutil_LDADD): Add ../gl/libgnu.a after
	../jnlib/libjnlib.a.

scd/
2005-10-08  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (scdaemon_LDADD): Add ../gl/libgnu.a after
	../common/libcommon.a.
sm/
2005-10-08  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (gpgsm_LDADD): Add ../gl/libgnu.a after
	../common/libcommon.a.

tools/
2005-10-08  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (gpgconf_LDADD): Add ../gl/libgnu.a after
	../common/libcommon.a.
	(symcryptrun_LDADD, gpg_connect_agent_LDADD, gpgkey2ssh_LDADD):
	Likewise.
2005-10-08 00:13:27 +00:00
Werner Koch
19724f13bc Fixed padding in pkcs#12 2005-09-16 12:49:53 +00:00
Moritz Schulte
f96f84f7a0 2005-09-15 Moritz Schulte <moritz@g10code.com>
* t-protect.c (test_agent_protect): Implemented.
	(main): Disable use of secure memory.
2005-09-15 17:36:30 +00:00
Werner Koch
aa7eccfbef Fixed yesterdays change. Importing to Outlook seems to work now. 2005-09-09 13:48:48 +00:00
Werner Koch
6f90f05cb2 Bug fixes and ssh support for the BELPIC. 2005-09-09 11:18:08 +00:00
Werner Koch
0a09a6316e Use a default argument for --write-env-file. 2005-08-16 09:15:09 +00:00
Werner Koch
3919421a4f About to release 1.9.18 2005-08-01 16:54:54 +00:00
Werner Koch
a2d1673d66 * findkey.c (agent_public_key_from_file): Fixed array assignment.
This was the cause for random segvs.

* call-agent.c (gpgsm_agent_readkey): New.
2005-07-25 14:35:04 +00:00
Werner Koch
f1ce96e404 (data_sign): Removed empty statement. 2005-06-29 14:12:18 +00:00
Werner Koch
deeba405a9 gcc-4 defaults forced me to edit many many files to get rid of the
char * vs. unsigned char * warnings.  The GNU coding standards used to
say that these mismatches are okay and better than a bunch of casts.
Obviously this has changed now.
2005-06-16 08:12:03 +00:00
Werner Koch
3370164182 New debugging optionhs, updates to the manual. 2005-06-07 19:09:18 +00:00
Werner Koch
f1dac8851d * command.c (cmd_updatestartuptty): New.
* gpg-agent.c: New option --write-env-file.

* gpg-agent.c (handle_connections): Make sure that the signals we
are handling are not blocked.Block signals while creating new
threads.

* estream.c: Use HAVE_CONFIG_H and not USE_CONFIG_H!
(es_func_fd_read, es_func_fd_write): Protect against EINTR.

* gpg-agent.texi (Agent UPDATESTARTUPTTY): New.

* scdaemon.c (handle_connections): Make sure that the signals we
are handling are not blocked.Block signals while creating new
threads.
(handle_connections): Include the file descriptor into the name of
the thread.
2005-06-03 13:57:24 +00:00
Werner Koch
cad9562436 * configure.ac (gl_INIT): Add gnulib stuff.
(fseeko, ftello, ttyname, isascii): Replaced the AC_REPLACE_FUNCS
by a simple check.
(putc_unlocked): Removed check.  Not used.
(strsep, mkdtemp, asprintf): Replaced checks by gnulib checks.
(xsize): Added will probably come handy soon.
(CFLAGS): Use -Wformat-security instead of
-Wformat-nonliteral. Add --Wno-format-y2k.
* gl/, gl/m4/: New.

* gpg-agent.c: Include setenv.h.

* Makefile.am (AM_CPPFLAGS): Added.

* util.h: Add some includes for gnulib.
(ttyname, isascii): Define them inline.
* fseeko.c, ftello.c: Removed.
* strsep.c, mkdtemp.c: Removed.
* ttyname.c, isascii.c: Removed.

* mkdtemp.c: Removed.
* exec.c: Include mkdtemp.h

* keybox-file.c (ftello) [!HAVE_FSEEKO]: New replacement
function.  Copied from ../common/ftello.c.
* keybox-update.c (fseeko) [!HAVE_FSEEKO]: New replacement
function.  Copied from ../common/iobuf.c.

* scdaemon.c: Include mkdtemp.h.

* misc.c: Include setenv.h.

* symcryptrun.c: Include mkdtemp.h.
2005-06-01 15:46:01 +00:00
Werner Koch
6e522257a9 * agent.h (out_of_core): s/__inline__/inine. Noted by Ray Link.
* dynload.h: s/__inline__/inline/.

* tlv.c [GNUPG_MAJOR_VERSION==1]: Define constants instead of
including a gnupg 1.4 header.

* watchgnupg.c: Make sure that PF_LCOAL and AF_LOCAL are defines.
Noted by Ray Link.
2005-05-31 20:03:04 +00:00
Werner Koch
e96af3715b * call-scd.c (inq_needpin): Skip leading spaces in of PIN
description.
* divert-scd.c (getpin_cb): Enhanced to cope with description
flags.
* query.c (agent_askpin): Add arg PROMPT_TEXT. Changed all
callers.
2005-05-24 12:37:36 +00:00
Werner Koch
05e1dc22f0 * call-scd.c (start_scd): Don't test for an alive scdaemon here.
(agent_scd_check_aliveness): New.
* gpg-agent.c (handle_tick): Test for an alive scdaemon.
(handle_signal): Print thread info on SIGUSR1.

* scdaemon.c (handle_signal): Print thread info on SIGUSR1.
2005-05-21 18:49:00 +00:00
Werner Koch
41862f5f13 * protect-tool.c: New option --canonical.
(show_file): Implement it.

* keyformat.txt: Define the created-at attribute for keys.

* ccid-driver.c: Replaced macro DEBUG_T1 by a new debug level.
(parse_ccid_descriptor): Mark SCR335 firmware version 5.18 good.
(ccid_transceive): Arghhh.  The seqno is another bit in the
R-block than in the I block, this was wrong at one place.

* scdaemon.c: New options --debug-ccid-driver and
--debug-disable-ticker.

* app-openpgp.c (do_genkey, do_writekey): Factored code to check
for existing key out into ..
(does_key_exist): .. New function.

* gpg-connect-agent.c (add_definq, show_definq, clear_definq)
(handle_inquire): New.
(read_and_print_response): Handle INQUIRE command.
(main): Implement control commands.
2005-05-20 20:39:36 +00:00
Werner Koch
4237a9cc7f Changed the scdaemon to handle concurrent sessions. Adjusted
gpg-agent accordingly. Code cleanups.
2005-05-18 10:48:06 +00:00
Moritz Schulte
2fb1abb849 2005-05-05 Moritz Schulte <moritz@g10code.com>
* command-ssh.c: Use ssh_key_grip(), where
        gcry_pk_get_keygrip() has been used before.
	(ssh_handler_sign_request): Removed unusued variable P.
2005-05-05 14:57:59 +00:00
Moritz Schulte
e22f6db544 2005-05-05 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_key_to_buffer): Rename to ...
	(ssh_key_to_protected_buffer): ... this; change callers.
	Improved documentation.
2005-05-05 14:49:54 +00:00
Werner Koch
526ed521a7 . 2005-04-20 19:19:24 +00:00
Moritz Schulte
a78c5e9673 2005-04-20 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_request_identities): Removed
	debugging code (sleep call), which was commited unintenionally.
2005-04-20 14:47:19 +00:00
Werner Koch
eff62d82bf * configure.ac: Require libksba 0.9.11.
sm/
* call-dirmngr.c (inq_certificate): Add new inquire SENDCERT_SKI.
* certlist.c (gpgsm_find_cert): Add new arg KEYID and implement
this filter.  Changed all callers.

* certchain.c (find_up_search_by_keyid): New helper.
(find_up): Also try using the AKI.keyIdentifier.
(find_up_external): Ditto.
2005-04-18 10:44:46 +00:00
Werner Koch
1c88f744d6 typo fixes 2005-04-11 16:09:18 +00:00
Moritz Schulte
6ece9a0de9 2005-04-03 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_request_spec): New member: secret_input.
	(REQUEST_SPEC_DEFINE): New argument: secret_input.
	(request_specs): Add secret_input flag.
	(request_spec_lookup): New function ...
	(ssh_request_process): ... use it here; depending on secret_input
	flag allocate secure or non-secure memory.
2005-04-09 16:41:28 +00:00
Werner Koch
df05dde9d5 * acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Accidently used
--ldflags instead of --cflags. Reported by Kazu Yamamoto.

* Makefile.am (AM_CFLAGS): Added PTH_CFLAGS.  Noted by Kazu Yamamoto.

* Makefile.am (gpgsm_LDADD): Added PTH_LIBS.  Noted by Kazu Yamamoto.
2005-03-03 10:15:07 +00:00
Moritz Schulte
843e844d98 2005-03-02 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (sexp_key_extract): Removed FIXME, since
	xtrymallos does set errno correctly by now.
	(sexp_extract_identifier): Remove const attribute from identifier.
	(ssh_handler_request_identities): Remove const attribute from
	key_type; removes ugly casts and FIXME.
	(sexp_key_extract): Remove const attribute from comment.
	(ssh_send_key_public): Remove const attribute from
	key_type/comment; removes ugly cast.
	(data_sign): Remove const attribute from identifier; removes ugly
	cast.
	(key_secret_to_public): Remove const attribute from comment;
	removes ugly cast.
	(ssh_handler_sign_request): Remove const attribute from p.
	(sexp_key_extract): Use make_cstring().
	(ssh_key_extract_comment): Likewise.
	(ssh_key_to_buffer): Use secure memory for memory area to hold the
	key S-Expression.
	Added more comments.
2005-03-02 20:36:50 +00:00
Werner Koch
faef9f929b * findkey.c (modify_description): Keep invalid % escapes, so that
%0A may pass through.

* agent.h (server_control_s): New field USE_AUTH_CALL.
* call-scd.c (agent_card_pksign): Make use of it.
* command-ssh.c (data_sign): Set the flag.
(ssh_send_key_public): New arg OVERRIDE_COMMENT.
(card_key_available): Add new arg CARDSN.
(ssh_handler_request_identities): Use the card s/n as comment.
(sexp_key_extract): Use GCRYMPI_FMT_STD.
(data_sign): Ditto.

* learncard.c (make_shadow_info): Moved to ..
* protect.c (make_shadow_info): .. here. Return NULL on malloc
failure. Made global.
* agent.h: Add prototype.

* xasprintf.c (xtryasprintf): New.

* app-openpgp.c (get_public_key): Make sure not to return negative
numbers.
(do_sign): Allow passing of indata with algorithm prefix.
(do_auth): Allow OPENPGP.3 as an alternative ID.

* app.c (app_getattr): Return just the S/N but not the timestamp.

* no-libgcrypt.c (gcry_strdup): New.
2005-02-25 16:14:55 +00:00
Werner Koch
1f1f28555a * call-scd.c (unescape_status_string): New. Actual a copy of
../g10/call-agent.c
(card_getattr_cb, agent_card_getattr): New.

* command-ssh.c (card_key_available): New.
(ssh_handler_request_identities): First see whether a card key is
available.

* app.c (app_getattr): Return APPTYPE or SERIALNO type even if the
application does dot support the getattr call.

* app.c (select_application): Return an error code and the
application context in an new arg.
* command.c (open_card): Adjusted for that.  Don't use the
fallback if no card is present.  Return an error if the card has
been removed without a reset.
(do_reset, cmd_serialno): Clear that error flag.
(TEST_CARD_REMOVAL): New. Use it with all command handlers.
(scd_update_reader_status_file): Set the error flag on all changes.
2005-02-24 21:40:48 +00:00
Werner Koch
3af261572b * gpg-agent.c (handle_connections): Need to check for events if
select returns with -1.

* tools.texi (gpg-connect-agent): New.

* app-openpgp.c (get_one_do): Never try to get a non cacheable
object from the cache.
(get_one_do): Add new arg to return an error code.  Changed all
callers.
(do_getattr): Let it return a proper error code.

* app.c (select_application): Return an error code and the
application context in an new arg.
* command.c (open_card): Adjusted for that.  Don't use the
fallback if no card is present.  Return an error if the card has
been removed without a reset.
(do_reset, cmd_serialno): Clear that error flag.
(TEST_CARD_REMOVAL): New. Use it with all command handlers.

* scdaemon.c (ticker_thread): Termintate if a shutdown is pending.

* apdu.c: Added some PCSC error codes.
(pcsc_error_to_sw): New.
(reset_pcsc_reader, pcsc_get_status, pcsc_send_apdu)
(open_pcsc_reader): Do proper error code mapping.

* gpg-connect-agent.c: New.
* Makefile.am: Add it.
2005-02-24 17:36:11 +00:00
Werner Koch
4e5bf2fd93 * command-ssh.c (get_passphrase): Removed.
(ssh_identity_register): Partly rewritten.
(open_control_file, search_control_file, add_control_entry): New.
(ssh_handler_request_identities): Return only files listed in our
control file.

* findkey.c (unprotect): Check for allocation error.

* agent.h (opt): Add fields to record the startup terminal
settings.
* gpg-agent.c (main): Record them and do not force keep display
with --enable-ssh-support.
* command-ssh.c (start_command_handler_ssh): Use them here.

* gpg-agent.c: Renamed option --ssh-support to
--enable-ssh-support.

* command.c (cmd_readkey): New.
(register_commands): Register new command "READKEY".

* command-ssh.c (ssh_request_process): Improved logging.

* findkey.c (agent_write_private_key): Always use plain open.
Don't depend on an umask for permissions.
(agent_key_from_file): Factored file reading code out to ..
(read_key_file): .. new function.
(agent_public_key_from_file): New.
2005-02-23 21:06:32 +00:00
Werner Koch
cf8f6d3cef (stream_read_string): Removed call to abort on
memory error because the CVS version of libgcrypt makes sure
that ERRNO gets always set on error even with a faulty user
supplied function.
2005-02-22 18:08:28 +00:00
Moritz Schulte
823eaefb0b 2005-02-19 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_receive_mpint_list): Slightly rewritten, do
	not use elems_secret member of key_spec.
	(ssh_key_type_spec): Removed member: elems_secret.
	(ssh_key_types): Removed elems_secret data.
	(ssh_sexp_construct): Renamed to ...
	(sexp_key_construct): ... this; changed callers.
	(ssh_sexp_extract): Renamed to ...
	(sexp_key_extract): ... this; changed callers.
	(ssh_sexp_extract_key_type): Renamed to ...
	(sexp_extract_identifier): ... this; changed callers; use
	make_cstring().
	Added more comments.
2005-02-19 17:17:30 +00:00
Moritz Schulte
cd42f5e45f 2005-02-18 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_sexp_construct): Rewritten generation of sexp
	template, clarified.
	(ssh_sexp_extract): Support shadowed-private-key-sexp; treat
	protected-private key and shadowed-private-key as public keys.
	(key_secret_to_public): Rewritten: simply use ssh_sexp_extract()
	and ssh_sexp_construct().
2005-02-18 19:08:24 +00:00
Werner Koch
84282a9538 (modify_description): Don't increment OUT_LEN during
the second pass.
2005-02-15 16:23:45 +00:00
Moritz Schulte
fce56851f0 2005-02-14 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (uint32_construct): New macro ...
	(stream_read_uint32): ... use it; removed unnecessary cast.
2005-02-14 20:44:22 +00:00
Moritz Schulte
c4b986c731 2005-02-14 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (es_read_byte): Renamed to ...
	(stream_es_read_byte): ... this; changed callers.
	(es_write_byte): Renamed to ...
	(stream_write_byte): ... this; changed callers.
	(es_read_uint32): Renamed to ...
	(stream_read_uint32): ... this; changed callers.
	(es_write_uint32): Renamed to ...
	(stream_write_uint32): ... this; changed callers.
	(es_read_data): Renamed to ...
	(stream_read_data): ... this; changed callers.
	(es_write_data): Renamed to ...
	(stream_write_data): ... this; changed callers.
	(es_read_string): Renamed to ...
	(stream_read_string): ... this; changed callers.
	(es_read_cstring): Renamed to ...
	(stream_read_cstring): ... this; changed callers.
	(es_write_string): Renamed to ...
	(stream_write_string): ... this; changed callers.
	(es_write_cstring): Renamed to ...
	(stream_write_cstring): ... this; changed callers.
	(es_read_mpi): Renamed to ...
	(stream_read_mpi): ... this; changed callers.
	(es_write_mpi): Renamed to ...
	(stream_write_mpi): ... this; changed callers.
	(es_copy): Renamed to ...
	(stream_copy): ... this; changed callers.
	(es_read_file): Renamed to ...
	(file_to_buffer): ... this; changed callers.
	(ssh_identity_register): Removed variable description_length;
	changed code to use asprintf for description.
	(stream_write_uint32): Do not filter out the last byte of shift
	expression.
2005-02-14 20:07:01 +00:00
Werner Koch
b326996b78 * AUTHORS: Copied from 1.4 and edited to refelct the changes in
1.9.

* agent.h (agent_exit): Add JNLIB_GCC_A_NR to indicate that this
function won't return.

* gpg-agent.c (check_for_running_agent): Initialize pid to a
default value if not needed.

* command-ssh.c: Removed stdint.h.  s/byte_t/unsigned char/,
s/uint32/u32/ becuase that is what we have always used in GnuPG.
(ssh_request_specs): Moved to top of file.
(ssh_key_types): Ditto.
(make_cstring): Ditto.
(data_sign): Don't use a variable for the passphrase prompt, make
it translatable.
(ssh_request_process):

* findkey.c (modify_description): Renamed arguments for clarity,
polished documentation.  Make comment a C-string.  Fixed case of
DESCRIPTION being just "%".
(agent_key_from_file): Make sure comment string to a C-string.

* gpg-agent.c (create_socket_name): Cleanup the implemntation, use
DIMof, agent_exit, removed superflous args and return the
allocated string as value.  Documented.  Changed callers.
(create_server_socket): Cleanups similar to above.  Changed callers.
(cleanup_do): Renamed to ..
(remove_socket): .. this.  Changed caller.
(handle_connections): The signals are to be handled in the select
and not in the accept.  Test all FDs after returning from a
select.  Remove the event tests from the accept calls.  The select
already assured that the accept won't block.
2005-02-03 17:40:02 +00:00
Moritz Schulte
5ba1e5cfb7 2005-01-29 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_request_identities)
	(ssh_handler_sign_request, ssh_handler_add_identity)
	(ssh_handler_remove_identity, ssh_handler_remove_all_identities)
	(ssh_handler_lock, ssh_handler_unlock): Changed to return an error
	code instead of a boolean.
	(ssh_request_process): Changed to return a boolean instead of an
	error; adjust caller.
	(ssh_request_handle_t): Adjusted type.
	(ssh_request_spec): New member: identifier.
	(REQUEST_SPEC_DEFINE): New macro; use it for initialization of
	request_specs[].
	(ssh_request_process): In debugging mode, log identifier of
	handler to execute.
	(start_command_handler_ssh): Moved most of the stream handling
	code ...
	(ssh_request_process): ... here.
2005-01-29 22:43:00 +00:00
Moritz Schulte
2b8e9bc5c5 2005-01-28 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_add_identity): Pass ctrl to
	ssh_identity_register().
	(ssh_identity_register): New argument: ctrl; pass ctrl to
	get_passphrase().
	(get_passphrase): Pass ctrl instead of NULL to agent_askpin().
	(start_command_handler_ssh): Use agent_init_default_ctrl();
	deallocate structure members, which might be dynamically
	allocated.
	(lifetime_default): Removed variable.
	(ssh_handler_add_identity): Fix ttl handling; renamed variable
	`death' to `ttl'.
	(ssh_identity_register): Fix key grip handling.
2005-01-28 19:57:14 +00:00
Moritz Schulte
0cb7a855ab 2005-01-26 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_sign_request): Confirm to agent
	protocol in case of failure.
2005-01-26 22:33:11 +00:00
Moritz Schulte
e776d52ba5 added missing file 2005-01-26 22:25:36 +00:00
Moritz Schulte
a5d3f8a6e7 2005-01-26 Moritz Schulte <moritz@g10code.com>
* command-ssh.c: New file.
	* Makefile.am (gpg_agent_SOURCES): New source file: command-ssh.c.

	* findkey.c (modify_description): New function.
	(agent_key_from_file): Support comment field in key s-expressions.

	* gpg-agent.c (enum cmd_and_opt_values): New item: oSSHSupport.
	(opts) New entry for oSSHSupport.
	New variable: socket_name_ssh.
	(cleanup_do): New function based on cleanup().
	(cleanup): Use cleanup_do() for socket_name and socket_name_ssh.
	(main): New switch case for oSSHSupport.
	(main): Move socket name creation code to ...
	(create_socket_name): ... this new function.
	(main): Use create_socket_name() for creating socket names for
	socket_name and for socket_name_ssh in case ssh support is
	enabled.
	Move socket creation code to ...
	(create_server_socket): ... this new function.
	(main): Use create_server_socket() for creating sockets.
	In case standard_socket is set, do not only store a socket name in
	socket_name, but also in socket_name_ssh.
	Generate additional environment info strings for ssh support.
	Pass additional ssh socket argument to handle_connections.
	(start_connection_thread_ssh): New function.
	(handle_connections): Use select to multiplex between gpg-agent
	and ssh-agent protocol.

	* agent.h (struct opt): New member: ssh_support.
	Declare function: start_command_handler_ssh.
2005-01-26 22:20:21 +00:00
Werner Koch
444c93043d * acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Link a simple test
program to see whether the installation is sane.

* certreqgen.c (proc_parameters): Cast printf arg.
2005-01-13 18:00:46 +00:00
Werner Koch
2f0c8ff6fb (agent_put_cache): Fix the test for using the default
TTL.
2005-01-04 08:33:20 +00:00
Werner Koch
01f3f25158 * preset-passphrase.c (preset_passphrase): Handle --passphrase.
* Makefile.am (gpg_preset_passphrase_LDADD): Reorder libs so that
pwquery may use stuff from jnlib.  Conditionally add -lwsock2
(gpg_protect_tool_LDADD): Ditto.

* preset-passphrase.c (main): Use default_homedir().
(main) [W32]: Initialize sockets.

* simple-pwquery.c (agent_open) [W32]: Implement for W32.
(readline) [W32]: Use recv instead of read.
(writen) [W32]: Use send instead of write.
(my_stpcpy): Define a stpcpy replacement so that this file
continues to be self-contained.
(agent_send_all_options) [W32]: Don't call ttyname.

* gnupg-badge-openpgp.eps, gnupg-badge-openpgp.jpg: New
* gnupg.texi: Add a logo.
* sysnotes.texi: New.

* gpgsm.c (main): Use default_homedir().
(main) [W32]: Default to disabled CRL checks.

* gpgconf-comp.c (get_config_pathname) [DOSISH]: Detect absolute
pathnames with a drive letter.
2004-12-21 19:05:15 +00:00
Werner Koch
878cf20766 * gpg-agent.c (main): Use default_homedir().
* protect-tool.c (main): Ditto.

* signal.c (got_fatal_signal, got_usr_signal)
(got_fatal_signal) [DOSISH]: Don't build.
* simple-gettext.c: Include sysutils.h

* homedir.c: New.
* Makefile.am (libcommon_a_SOURCES): Add it.
(EXTRA_DIST): Removed mkerror and mkerrtok.

* gpgv.c, g10.c (main): Use default_hoemdir ().

* scdaemon.c (main): Use default_homedir().

* gpgsm.c (main): Use default_homedir().
2004-12-21 10:03:00 +00:00
Werner Koch
581f5ddb17 * configure.ac: Add PATHSEP_C and PATHSEP_S. For W32 let all
directories default to c:/gnupg.  Require libassuan 0.6.9.

* gpg-agent.c (main) [W32]: Now that Mutexes work we can remove
the pth_init kludge.
(main): Add new options --[no-]use-standard-socket.
(check_for_running_agent): Check whether it is running on the
standard socket.

* sysutils.h [W32]: Define sleep.
* util.h: Add prototype for mkdtemp.

* call-agent.c (start_agent): Before starting a pipe server start
to connect to a server on the standard socket.  Use PATHSEP
* call-dirmngr.c (start_dirmngr): Use PATHSEP.

* import.c: Include unistd.h for dup and close.
2004-12-20 16:17:25 +00:00
Werner Koch
18fd4964f6 * call-scd.c (init_membuf, put_membuf, get_membuf): Removed. We
now use the identical implementation from ../common/membuf.c.

* pksign.c (agent_pksign): Changed arg OUTFP to OUTBUF and use
membuf functions to return the value.
* pkdecrypt.c (agent_pkdecrypt): Ditto.
* genkey.c (agent_genkey): Ditto.
* command.c (cmd_pksign, cmd_pkdecrypt, cmd_genkey): Replaced
assuan_get_data_fp() by a the membuf scheme.
(clear_outbuf, write_and_clear_outbuf): New.

* membuf.c (put_membuf): Wipe out buffer after a failed realloc.
2004-12-20 08:32:56 +00:00
Werner Koch
e212805a9c * query.c (initialize_module_query): New.
* call-scd.c (initialize_module_call_scd): New.
	* gpg-agent.c (main): Call them.
2004-12-19 17:45:50 +00:00
Werner Koch
8f22f895e9 * query.c (initialize_module_query):
* call-scd.c (initialize_module_call_scd): New.

* w32-pth.c (pth_init): Enable debugging depending on env var.
(pth_self): New.
(pth_mutex_release, pth_mutex_acquire): Implemented directly using
the W32 API.
2004-12-19 17:44:20 +00:00
Werner Koch
e73100a940 * maperror.c (map_assuan_err_with_source): Oops, args were swapped.
* w32-pth.c (pth_init): Enable debugging depending on env var.
2004-12-19 13:38:24 +00:00
Werner Koch
694037f2a5 * configure.ac (AH_BOTTOM): Define EXEEXT_S.
* autogen.sh: Updated --build-w32 feature.

* gpg-agent.c (main):  Remove special Pth initialize.

* w32-pth.c (pth_init): Reverse return values.  Use TRUE and FALSE
constants.
(pth_kill, pth_mutex_acquire, pth_attr_set, pth_join, pth_cancel):
Ditto.

* scdaemon.c (main) [W32]: Remove special Pth initialize..
2004-12-18 18:53:32 +00:00
Werner Koch
3666a2859b Avoid the " map_to_assuan_status called with no error source" diagnostic. 2004-12-18 10:22:10 +00:00
Moritz Schulte
d75eda2b87 2004-12-17 Moritz Schulte <moritz@g10code.com>
* query.c: Undo change from 2004-12-05.
2004-12-17 20:41:50 +00:00
Werner Koch
69967b0412 A whole bunch of changes to allow building for W32. 2004-12-15 14:15:54 +00:00
Werner Koch
53ae21e745 Yep. No lost threads anymore.
(_pth_strerror): Renamed to ...
(w32_strerror): .. this. And let callers provide a buffer.
(spawn_helper_thread): Removed HD arg and hardwire the stack size
to 32k.
(do_pth_wait): Removed use of ATTR; not needed for the helper
threads.
(helper_thread): Renamed to ..
(launch_thread): .. this.  Release handle if not joinable.
(struct pth_priv_hd_s): Renamed to ...
(struct thread_info_s): .. this.  Add member JOINABLE and TH.
2004-12-14 19:20:36 +00:00
Werner Koch
2946819dfc More fixes. First successful use; leaks threads, though. 2004-12-14 14:49:21 +00:00
Werner Koch
801ab88522 VArious hacks to make it at least build under W32.
* stringhelp.c (w32_strerror) [W32]: New.

* w32-pth.c, w32-pth.h: Added real code written by Timo	Schulz.
Not finished, though.

* gpgconf-comp.c <ignore-ocsp-service-url>: Fixed typo.
2004-12-13 15:49:56 +00:00
Moritz Schulte
14524a8e79 2004-12-05 Moritz Schulte <moritz@g10code.com>
* query.c (start_pinentry): Allow CTRL be NULL.
2004-12-05 15:36:49 +00:00
Werner Koch
4a73d94757 First take on a W32 port 2004-12-02 07:48:09 +00:00
Werner Koch
280a222553 (parse_rereadable_options): Return "not handled"
when the log file has not beend hadled.  This is will let the main
option processing continue. Fixed a bug introduced on 2004-09-4
resulting in logging to stderr until a HUP has been given.
(main): Don't close the listen FD.
2004-10-22 09:39:47 +00:00
Werner Koch
335b5e4ac4 Preparing a new release. Updated gettext 2004-09-30 14:34:34 +00:00
Werner Koch
530a0a91c4 * minip12.c (parse_bag_encrypted_data): Print error if a bad
passphrase has been given.

* gpg-agent.texi (Invoking GPG-AGENT): Add a few words about the
expected pinentry filename.

* import.c (parse_p12): Write an error status line for bad
passphrases. Add new arg CTRL and changed caller.
* export.c (export_p12): Likewise.
2004-09-29 13:50:31 +00:00
Werner Koch
5e9f8cd329 (agent_unprotect): Fixed wiping of CLEARTEXT. Thanks
to Moritz for pointing this out.
2004-09-28 14:12:10 +00:00
Moritz Schulte
1db08a412c 2004-09-25 Moritz Schulte <moritz@g10code.com>
* agent.h: Declare: agent_pksign_do.
	(struct server_control_s): New member: raw_value.

	* pksign.c (do_encode_md): New argument: raw_value; support
	generation of raw (non-pkcs1) data objects; adjust callers.
	(agent_pksign_do): New function, based on code ripped
	out from agent_pksign.
	(agent_pksign): Use agent_pksign_do.

	* command.c (start_command_handler): Set ctrl.digest.raw_value.
2004-09-26 21:48:13 +00:00
Werner Koch
0cb56ad4ac (check_for_running_agent): New.
(main): The default action is now to check for an already running
agent.
(parse_rereadable_options): Set logfile only on reread.
(main): Do not print the "is development version" note.
2004-09-09 07:27:57 +00:00
Werner Koch
ebaba6bdab * gpg-agent.c: New option --max-cache-ttl. Suggested by Alexander
Belopolsky.
* cache.c (housekeeping): Use it here instead of the hardwired
default of 1 hour.
2004-08-20 13:43:14 +00:00
Werner Koch
0ded031237 (start_pinentry): Use a timeout for the pinentry lock. 2004-08-20 13:03:32 +00:00
Werner Koch
6c3677c296 (get_passphrase): Make sure that the default
prompts passed to gpg-agent are utf-8 encoded. Add new prompt values.
(import_p12_file, import_p12_file, export_p12_file): Changed calls
to get_passphrase so that better prompts are displayed.
(get_new_passphrase): New.
2004-08-18 16:21:13 +00:00
Werner Koch
aac85ca314 (get_passphrase): Make sure that the default
prompts passed to gpg-agent are utf-8 encoded.
2004-08-18 12:47:33 +00:00
Werner Koch
d9147773b4 * trustlist.c (read_list): Allow colons in the fingerprint.
(headerblurb): Rephrased.

* gpg-agent.c (handle_connections): Increase the stack size ot 256k.

* de.po: Updated.

* scdaemon.c (main): Bumbed thread stack size up to 512k.

* keylist.c (list_cert_raw): Print the keygrip.
2004-07-22 09:37:36 +00:00
Moritz Schulte
4b3427c6ce 2004-06-20 Moritz Schulte <moritz@g10code.com>
* gpg-agent.c: Include <sys/stat.h> (build fix for BSD).
2004-06-20 11:35:13 +00:00
Werner Koch
89da78cdf3 about to release 1.9.9 2004-06-08 19:10:32 +00:00
Werner Koch
2cce42c23f * gpg-agent.c (handle_signal): Reload the trustlist on SIGHUP.
(start_connection_thread): Hack to simulate a ticker.
* trustlist.c (agent_trustlist_housekeeping)
(agent_reload_trustlist): New.  Protected all global functions
here with a simple counter which is sufficient for Pth.

* fingerprint.c (gpgsm_get_key_algo_info): New.
* sign.c (gpgsm_sign): Don't assume RSA in the status line.
* keylist.c (list_cert_colon): Really print the algorithm and key
length.
(list_cert_raw, list_cert_std): Ditto.
(list_cert_colon): Reorganized to be able to tell whether a root
certificate is trusted.
2004-05-11 19:11:53 +00:00
Werner Koch
30bbef1a28 * gpg-agent.c: Remove help texts for options lile --lc-ctype.
(main): New option --allow-mark-trusted.
* trustlist.c (agent_marktrusted): Use it here.

* gpg-agent.texi (Agent Options): Add --allow-mark-trusted.

* gpgconf-comp.c: Add --allow-mark-trusted for the gpg-agent.
2004-05-03 13:37:38 +00:00
Werner Koch
28f89ad245 * protect-tool.c: New option --enable-status-msg.
(store_private_key): Print status messages for imported keys.
(read_and_unprotect): Ditto for bad passphrase.

* import.c (check_and_store): Do not update the stats for hidden
imports of issuer certs.
(popen_protect_tool): Request statusmessages from the protect-tool.
(parse_p12): Detect status messages. Add new arg STATS and update them.
(print_imported_summary): Include secret key stats.
2004-04-30 15:24:33 +00:00
Werner Koch
623fad67a5 * gpg-agent.c (parse_rereadable_options): New arg REREAD. Allow
changing oLogFile.
(current_logfile): New.

* logging.c (log_set_file): Make sure the log stream will be
closed even if the stderr fileno will be assigned to a new socket.
2004-04-30 03:58:21 +00:00
Werner Koch
d74d2f5bc9 (start_scd): Do not register an event signal if we
are running as a pipe server.
2004-04-26 18:26:41 +00:00
Werner Koch
3d58329f67 * call-scd.c (start_scd): Send event-signal option. Always check
that the scdaemon is still running.

* gpg-agent.c (handle_signal): Do not use SIGUSR{1,2} anymore for
changing the verbosity.
2004-04-21 14:43:51 +00:00
Werner Koch
e21bf7b9e0 * gpg-agent.c (main): Tell the logging code taht we are runnign
detached.

* logging.h (JNLIB_LOG_WITH_PREFIX): Add constants for the flag
values.
* logging.c (log_set_prefix): New flag DETACHED.
(fun_writer): Take care of this flag.
(log_test_fd): New.
2004-04-16 09:46:54 +00:00
Werner Koch
d84d632583 * configure.ac: Require libgcrypt 1.1.94.
Introduce PACKAGE_GT and set it to gnupg2.

* gpg-agent.c (main): Use new libgcrypt thread library register
scheme.

* Makevars (DOMAIN): Init from PACKAGE_GT
2004-04-06 10:01:04 +00:00
Werner Koch
cd3e11add8 (main): Use new libgcrypt thread library register
scheme.
2004-04-06 07:36:44 +00:00
Marcus Brinkmann
6c80bd0b49 2004-03-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (main): For now, always print the default config
	file name for --gpgconf-list.
2004-03-23 12:21:29 +00:00
Werner Koch
d714e81e58 * gpg-agent.c (main) <gpgconf>: Fixed default value quoting.
* scdaemon.c (main) <gpgconf>: Fixed default value quoting.
* gpgsm.c (main) <gpgconf>: Fixed default value quoting.
2004-03-17 13:01:16 +00:00
Werner Koch
a854459fc1 (parse_rereadable_options): Use the new
DEFAULT_CACHE_TTL macro.
(main): Updated --gpgconf-list output.
2004-03-16 18:59:35 +00:00
Werner Koch
3e8221e955 (parse_rereadable_options): Use the new
DEFAULT_CACHE_TTL macro.
(main): Updated --gpgconf-list output.
2004-03-16 10:48:42 +00:00
Werner Koch
a425334f48 * command.c (cmd_passwd): Take acount of a key description.
* genkey.c (reenter_compare_cb): Do not set the error text.
(agent_protect_and_store, agent_genkey): Force a re-enter after a
non-matching passphrase.
* query.c (agent_askpin): Add new arg INITIAL_ERRTEXT; changed
all callers.
2004-02-21 13:05:22 +00:00
Werner Koch
a1b487a17a * protect-tool.c: New options --have-cert and --prompt.
(export_p12_file): Read a certificate from STDIN and pass it to
p12_build.  Detect a keygrip and construct the filename in that
case.  Unprotcet a key if needed.  Print error messages for key
formats we can't handle.
(release_passphrase): New.
(get_passphrase): New arg PROMPTNO. Return the allocated
string. Changed all callers.

* minip12.c: Revamped the build part.
(p12_build): New args CERT and CERTLEN.

* simple-pwquery.c (agent_open): Don't mangle INFOSTR.

* export.c (export_p12, popen_protect_tool)
(gpgsm_p12_export): New.
* gpgsm.c (main): New command --export-secret-key-p12.
2004-02-19 16:26:32 +00:00
Werner Koch
bda3467067 * protect-tool.c (main): Setup the used character set.
* gpg-agent.c (main): Ditto.

* gpg-agent.c (set_debug): New.  New option --debug-level.
(main): New option --gpgconf-list.
2004-02-18 16:57:38 +00:00
Werner Koch
cbff0b05e5 * command.c (cmd_setkeydesc): New.
(register_commands): Add command SETKEYDESC.
(cmd_pksign, cmd_pkdecrypt): Use the key description.
(reset_notify): Reset the description.
* findkey.c (unprotect): Add arg DESC_TEXT.
(agent_key_from_file): Ditto.
* pksign.c (agent_pksign): Ditto.
* pkdecrypt.c (agent_pkdecrypt): Ditto. Made CIPHERTEXT an
unsigned char*.
2004-02-13 17:06:34 +00:00
Werner Koch
8b49254b97 Removed debugging cruft. 2004-02-13 12:39:49 +00:00
Werner Koch
b01d989925 (main): New options --no-fail-on-exist, --homedir.
(store_private_key): Use them here.
2004-02-13 12:37:54 +00:00
Werner Koch
f5c3d2712b Include cmacros.am for common flags.
(libexec_PROGRAMS): Put gpg-protect-tool there.
2004-02-12 09:27:36 +00:00
Werner Koch
a1dd1cc223 * minip12.c (parse_bag_encrypted_data): Finished implementation.
(p12_parse): Add callback args.
* protect-tool.c (import_p12_cert_cb): New.
(import_p12_file): Use it.
2004-02-10 19:26:55 +00:00
Werner Koch
cfb33014ae Fixed a build bug (straw letter in sm/import.c) and updated the documentation. 2004-02-04 19:13:16 +00:00
Werner Koch
31de2267ec * findkey.c (agent_key_from_file): Extra paranoid wipe.
* protect.c (agent_unprotect): Ditto.
(merge_lists): Ditto. Add arg RESULTLEN.
* pkdecrypt.c (agent_pkdecrypt): Don't show the secret key even in
debug mode.

* protect.c: Add DSA and Elgamal description.
2004-02-03 16:24:37 +00:00
Werner Koch
b11106ebf0 * agent.h (server_control_s): Add connection_fd field.
* command.c (start_command_handler): Init it here.
* gpg-agent.c (agent_init_default_ctrl): and here.
* call-scd.c: Add the CTRL arg to all functions calling start_scd
and pass it to start_scd.  Changed all callers
(start_scd): Keep track of the current active connection.
(agent_reset_scd): New.
* command.c (start_command_handler): Call it here.
* learncard.c (agent_handle_learn): Add arg CTRL; changed caller.
(send_cert_back): Ditto.
2004-01-29 20:17:27 +00:00
Werner Koch
fa5d1513a2 (agent_marktrusted): Check whether the trustlist is
writable.
2004-01-28 16:19:46 +00:00
Werner Koch
eb24d8b751 Some minor bug fixes, new test utilities and started support for other
smartcard applications.
2004-01-27 16:40:42 +00:00
Werner Koch
203e1cc272 * call-scd.c (atfork_cb): New.
(start_scd): Make sure secmem gets cleared.
* query.c  (atfork_cb): New.
(start_pinentry): Make sure secmem gets cleared.
2004-01-24 20:50:49 +00:00
Werner Koch
671f696e55 * findkey.c (agent_key_from_file): Now return an error code so
that we have more detailed error messages in the upper layers.
This fixes the handling pinentry's cancel button.
* pksign.c (agent_pksign): Changed accordingly.
* pkdecrypt.c (agent_pkdecrypt): Ditto.
* command.c (cmd_passwd): Ditto.
2004-01-16 17:39:58 +00:00
Werner Koch
f438224dae (main): Set the prefixes for assuan logging. 2003-12-16 16:30:55 +00:00
Werner Koch
d06cba6984 * protect.c (do_encryption): Use gcry_create_nonce instad of the
obsolete WEAK_RANDOM.
2003-12-16 11:30:38 +00:00
Werner Koch
fbd0f91c82 * sexp-parse.h (snext): Don't use atoi_1 and digitp macros, so
that this file is useful by other applications too.
2003-12-01 10:53:26 +00:00
Werner Koch
dba40e5e45 Mainly changes to adjust for the changed KSBA API. 2003-11-12 15:17:44 +00:00
Werner Koch
71d265a684 * command.c (cmd_get_confirmation): New command. 2003-10-31 12:11:48 +00:00
Werner Koch
936250aac9 * configure.ac (HAVE_LIBUSB): Added a simple test for libusb.
* scdaemon.c, scdaemon.h: New option --pcsc-ccid.
* ccid-driver.c, ccid-driver.h: New but far from being useful.
* Makefile.am: Add above.
* apdu.c: Add support for that ccid driver.
2003-09-02 19:06:34 +00:00
Timo Schulz
4498a55dfb 2003-08-20 Timo Schulz <twoaday@freakmail.de>
* pksign.c (do_encode_md): Allocate enough space. Cast md
        byte to unsigned char to prevent sign extension.
2003-08-20 20:20:59 +00:00
Timo Schulz
aa6e3f7d28 Forgot to remove the unsued variable. 2003-08-14 19:10:12 +00:00
Timo Schulz
7abac1ad8e 2003-08-14 Timo Schulz <twoaday@freakmail.de>
* pksign.c: do_encode_md: Due to the fact pkcs#1 padding
        is now in Libgcrypt, use the new interface.
2003-08-14 19:06:46 +00:00
Repo Admin
9ca4830a5b This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2003-08-05 17:11:04 +00:00
Repo Admin
7250331472 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2003-06-05 07:14:21 +00:00
Repo Admin
7b6f1902d0 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2003-01-09 13:29:36 +00:00
Repo Admin
82a17c9fb3 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2002-10-19 07:55:27 +00:00
Werner Koch
2d432afff6 * gpg-agent.c (handle_signal): Flush cache on SIGHUP.
* cache.c (agent_flush_cache): New.
* gpg-agent.c, agent.h: Add --keep-display and --keep-tty.
* query.c (start_pinentry): Implement them.  The option passing
needs more thoughts.
2002-09-26 07:10:56 +00:00
Werner Koch
d044a90f6c * gpg-agent.c (create_private_keys_directory)
(create_directories): New.
(main): Try to create a home directory.
2002-09-09 10:15:21 +00:00
Neal Walfield
32abeed559 2002-09-04 Neal H. Walfield <neal@g10code.de>
* gpg-agent.c (main): Use sigaction, not signal.
2002-09-05 16:28:31 +00:00
Neal Walfield
712af9e3ca 2002-09-03 Neal H. Walfield <neal@g10code.de>
* findkey.c: Include <fcntl.h>.
	(agent_write_private_key): Prefer POSIX compatibity, open and
	fdopen, over the simplicity of GNU extensions, fopen(file, "x").
2002-09-05 16:21:43 +00:00
Werner Koch
26f4dbc64b * query.c (agent_askpin): Provide the default desc text depending
on the pininfo.  Do the basic PIN verification only when
min_digist is set.
2002-08-22 09:47:39 +00:00
Werner Koch
cda3b913db * query.c (agent_askpin): Hack to show the right default prompt.
(agent_get_passphrase): Ditto.

* Makefile.am: Renamed the binary protect-tool to gpg-protect-tool.
* protect-tool.c: Removed the note about internal use only.

* gpg-agent.c (main): New option --daemon so that the program is
not accidently started in the background.
2002-08-21 11:11:04 +00:00
Werner Koch
a71981bace * divert-scd.c (getpin_cb): Pass a more descritive text to the
pinentry.

* Makefile.am: Renamed the binary protect-tool to gpg-protect-tool.
* protect-tool.c: Removed the note about internal use only.

* gpg-agent.c (main): New option --daemon so that the program is
not accidently started in the background.
2002-08-21 08:18:23 +00:00
Werner Koch
ca7ed726a7 * call-scd.c (learn_status_cb): Handle CERTINFO status.
(agent_card_learn): Add args for certinfo cb.
* learncard.c (release_certinfo,certinfo_cb): New.
(send_cert_back): New. With factored out code from ..
(agent_handle_learn): here.  Return certinfo stuff.
2002-08-16 14:24:38 +00:00
Werner Koch
9c86904866 Minor changes for gettext 2002-08-10 11:25:32 +00:00
Werner Koch
ebaf7d6e45 Minor fixes 2002-08-09 18:13:24 +00:00
Werner Koch
f7bf66d89d typo fix. 2002-07-01 13:21:39 +00:00
Werner Koch
2082905525 * query.c (start_pinentry): Use GNUPG_DERAULT_PINENTRY.
* call-scd.c (start_scd): Use GNUPG_DEFAULT_SCDAEMON.
2002-06-29 14:01:35 +00:00
Werner Koch
3672606145 * protect-tool.c (export_p12_file): New.
(main): New command --p12-export.
* minip12.c (create_final,p12_build,compute_tag_length): New.
(store_tag_length): New.
2002-06-28 09:30:35 +00:00